From 6e98c134c029b32ab464f772c4d67290e35933fc Mon Sep 17 00:00:00 2001
From: "7u83@mail.ru" <7u83@mail.ru@noemail.net>
Date: Sat, 21 Mar 2015 14:25:03 +0000
Subject: [PATCH] Changed to text version.

FossilOrigin-Name: 633e638bdd1984f92bf35f3998e0036512b47b16528483575412ad654b45cab5
---
 doc/rfc5412.pdf | Bin 370971 -> 0 bytes
 doc/rfc5412.txt | 7003 +++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 7003 insertions(+)
 delete mode 100644 doc/rfc5412.pdf
 create mode 100644 doc/rfc5412.txt
diff --git a/doc/rfc5412.pdf b/doc/rfc5412.pdf deleted file mode 100644 index 9a78ad19a3ff77aa4c583459b6ab03f60005203f..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 370971
zWlFqR=uFkTs=zW7*Q~AF|A3(oY-Fk;9yj>> z*K>fZesH);i6y~H5gDGmQ(klkD03SGxhEF_&K}cYXCGTMteBo!4wE<{ra_J1H;g9? z#(=Sq7z`1lY@EhwZ*~JW{wgnKnOfr zFJ~#dEL3NXN#WLn_3tZk`k1k!}Dm)GYLF)2VMP&PL0VA$P-v%Y;QID%-p>;JuNU7NYXiH$%?}5ig zp>eAt1bEI%})4m0SBnHSYfHjZB(7gTj+pKusePC_%?~ zjBc448J$C?Oxlm-U8hRgu9XV(#UyEF@9y4YZuljQ!X3xu9lHPYgXlRAAz!ov1^3gz z9OUdoax#nE4!p@*a^3oqd^emP^Xg%FPq-gJ#CQt%GcAvA#AF)A`YNxgil2Q4#(#df zdQM+x{MWg_=Zn3JYxI71Q2x309bJd^uhxIs>>u;|Q$#Yd|NVN(@gLUWar}>K@shNy z=joAyE^n!#S}?%%_t>+w@DqE1=a|Pr8lVOOle3(H20({#sP;g;IGlLf9L|E4;u^l2 zWp^}9zph+6gM$b5WWG06bRHK|P-8~>aozWY?*r%cc-52pGfy$ioJ{hdZ7z8~nv{Qg zFRa*A)>F0{k$@fCI7^@?c!*~d6e2gfWZSJa7Zi;|E$6 zgOqCI!wBQq|@doCXhPagtXymLQ zZI05M4Z&t*D?ge0j8B7XTrD3QDE<^WgxXeGJiH`fa<}#cEMS}!IU<*?vK>)E!1Bh` zQWt%*{0FCLrgI?9yeRnsDtH%v52Sg6QV1x!mL1KLYoOQS5yF%z=qt1(gI7Ymq5oR; zu9kTEoSBKZxVil1=BH>K{`Af)gboIM+2fIT_$naYJApQuJCnr^nJu)P3P1Dm5ld7~ zVz>{y*fZ=4Ns_agjfO)j*5H=Rrwz_4g6CJ;@x284w93}V$0Mf-lTD}FhlJ?>Kj-C` zjmb-cSDr5P$juxAqgo3=!Edbv7{dnDD7It@+`2J2@I z-gN2W8Qs=}zKWie!ycM2Ca8Q*hiC$D-|7*&)F`R>yT$6{^U6l25qPjK*~&EU)?X&+c^e*qiA^_m%w?Q8-t} z+@u?f8~`1J7S|4xNO_HfX3Dnx`2~5z*=c`8ypHb8v_P|eX!2i5`_sAoH#L;w@07#8 z?{ypue}xJE>%Fd0W&1180PnT@!`9lgHUx>{*D@}s!D<+c30U*u46Fzq@+ozF{YXNb zqRR=Cs`MuQPF`p z!9`-2m=||l**q)V(EmB<6CA4T=+Hp683i>f8uFRXvgg~ZlzxPD0#@M&)iftm)YyTo z3J$YfiaFyhnC`&dE`MdWmN`WhLY3q{)_Sd69N93*@wmAwj4*MD&*=Mv3}VFm`=-J~ z6WI{)GBv}L)aA)}cFt&ta2J!S@MKH*9AUac&XAT@a6WWwj29FF zqA*qfc1Y=nv}oa(fcs`u$cwN3bAv%?JmBE%v!fzFdM7DpFeNB$a0ZsrFVpyu)Y=*H zh1}qz#G{;`PDzmqAv1nnQB>Oag|_G}A&E<@Fp;(n4_D6E#EvdX1ui2S`1^yc4og&x z18DUeVhBzr#izgMLsOeT2M-^i3L#WzBO98}PBLKndi2m9_T>DhmdDZBd#qa?9!*h5 zySFfh%Y9p_r(Pt_$0*SLUK?5r*_}M=8z^HHBWp~?c=?%m)ZR&P!3}d+XzDt}jI$zz zZ1OmET;c7FT!DqBHg&<2EUuc?&IfNI6j{u=OeH{?8p}UUn;bS*J=`MBY^chhHQg%RAB(4ce=du&{L)p`z^;uEoY&S_c+O3z0 zZMhCVYsHlszmyJ3u&Sb5S!eYy9#Iwx;te5t{Lrai#)=|H3^_vV>B0*LOF4#MhX9%1 z_xsnc``1sD{eX&dpAjPU0hLk(pzn?=foFJQMK*!N*zv^|%Y_jB8c0RbOu`SdZDfp=d%moz42iITcftx>0dv 
z6VBi&A#o-#pZ*3<6BXhu`Lrh2NFskYS7u$+9d6&7AQ>n~xbce)KR<)KYwi$-pMSl`rl(NNMhcMQ(R>`RB4Cd3- z;yz$JRxuSU$({RWzQaJaZ9P6rc71$X!9A#wG8{DR+s-DNDbFE9+4okEEsd_A##+%z zo{uCr*MRv}7D+H!743qHb-|@^igr*O)5C`J3Wt zuS&4d?tvw-0gN z8yUtg@(9^j2sHc+o@UvTJSGO33WumzJ1;wJM8rI*>pUqhQPQAB(^ms-6MH$WNiHLG z<)KPFxyGtni>e)(%tjxpLGk-+DBA>FNwN&P@H!mSN*i~T2RoO!p7$4oaTdu`M-r}i zTm=i9GAlF>M3<6P9xs%U+Lk9_LtIDW7rKs9ersl^kvI6T{$4#3!fM)JR$TIDhv*Qw5P18{ua-1X_yU|vW`xJ*eS`3;t8X{mWn$T_}T&RzhG7q^X8s>|TY zvZ45P4MK{Himai_oQ%Ht=RsNJjdn`3?((|G*|xWCrD|@=YWpv-Nj=OdEmSED)b_HP zZ*9XTzd)WuHA;Gph4{Cf6(Io=Jkxp`@CB2n4$3=_ zxkNfWee~tw0Iq6j_P+rukkS(%iQAWm6~ph5VIrLgC~}(EW_!Ajli2-I6gQq;yLdnb z%yB>dqA`Uz9Ne3hu;((9`hh8khaEr3f__=%QoWB((P%6ag1B7SUP^?g26* z&3dHCaH^H0Jt%h{ZeA~Rk996%tv z0Ca-Vqa|+ZcC@Y=kH9-OymwD92~W58$4;p;W?Ute_ZkX^+CziJW!H48_E}Qh^~H4W zuw};DsER_V7?avo<392VHe)u_Si?lgb={uJdnosX{ySY{&I$R#P zJ>E1IVW6_Z6JJzpgKZ|*h=4zyWtB-6p(rTUB7rQW*v9me2G(zbhM-fDO(LL@s1^$t z$;IWBsmR<7{4s(x^xG-Say6;joXq1UIM@jhKKZ|)4A=4sFZy=KoiiEpHj;)PJyK|~ z7*4<2r2fb{@<&_4f66jvf@pZFc=1$^dtZ!UtTC&QTxvhgexZx*P*PIWTR8-=g{j2% z5WGWZD>0A5oy)6nSm56IY|h(>x&ymMBv}6Y#rl`mA=`fx%N)#qk455O{#U&Fi!UAF z0{tJ>*S}!ULu;vh?5QYl7?IGGHc$Qba@XyD*cK|Qu8%?UWhY&DHc6y0PudE|?h9-3 zTy%SNOw+Um`did|WY1)_q##IRhWK~g4?_6Ed!p^s;RzuVGnnorMmJfn*x;-a^7~Af zT=NPg0wc!rt8#utB7uKLAX*HtJn9ToTZ0QxL>!?Fvi#NA*@-T=t8}#lbu4t`X~)@U z0Q(n~TtY0P>{!y$J@onZsAohL_{%BH@R!C*wU@Hif?DUGs#A8`7Mplse}@7yOX&3i zA~HtuQK^n1gMLfNM|hP*e(sXTPx2EX`Xw6^NAB3g+CIH~ez7EY3^+a1iCV0PD0B&v z%F-IoSJa+z-Ndp%{pxH->`>G+3X|zD&@#r!iACTb0Z&Y$L~sM%Aj_BHu|hHjO9+4t zX;of7-e&fK?h3IEz1--?Y^+pg1`ddhx96~O1+XUifAIB8>v*GN(Sl==Q%%aUDE`wsYnM|AHoMbqCC88fx zCqK{koEn5S;_+<_-uQQk`l)3{IJ|07tj#m_<~67SW*nWPQF5=#sb{mdx-Sn=Fuw7i zQHQ0o)15ZuRv>Uk>tSGF!K6a$U<51UlU(u(E8)>v@exu=s>l{9N#r~i-gLO2fpre* zM}pQ@Hi|XH5esEuUm4G7k481~k3~%m5Yq3m>p6V2r+uE`<@_sRB$GGf!tM*S(evF~ zmD;08%$`NbLjFx$Zaw-=KbG#rPe9I)FG~b9Q=rblQlzLB#+m86d8Ov~usq5*{E;@F zavjzM1@)}6Y16oL)kIw6L&A@nVF~tu;zdt4D(;YnJ;Mf>=+h^Rs~guGT5)K(aUH+D 
zGLvW?-mZW`)9KnWF!-;eaJhe6Y64-n3_6%dmAH#WKC&K)eJ?XA0j4M2hzIHj!ML+(S?bB-O@V{vX@*N zp>Yqa+uct4{ z{RS{g-CY#0B89XsYZ;aRx3tGKVhMv})|6ct>BWdcR-sOdGh6{8xS8yN_~XM(8`)F# zBPjQHufxjqgn5Ie?eMIHvgmp5t%Bh?w@F zM51o9c=Zgji*QAY=9n9YGFu@y6I2cGN2skM+#`0#gUp6zkVJfi zaWO9@Lzrs;7k$o?UxCUW1|Z9+&<9@N_<`U*#PPkRvCr7>yD%@@wuH7Wc6%_t7t_;1 z9sqmUZ+6wX>o<*szcEL1cbC8YderP5BD+%}#{%N3r^tk)F`n-g(+5%fjZ!5JD=k}? zy*7RU8JzaUy=kc`!A2B3nT{9;YUyew87I|#$~41T5C4YRRm+qXYLD5b`=PXP%Z zSM6SdJ>|lwKr4(7&spCwBDYAs$)LzF&t5+%TfemyrwJD#VIpWbDoFAqKN%-eDlbBi zP<8631-#Q1_1nceBdHD{W%mt$_~NLpfjumuT1wJ*g#Z?fgH(&feAN5z_g$Zsr)o$w z9w)n(m??r^UHatDG-$4$)>go9t{qJb%e4&q%S(+jVrt{gvc8Y=?U1#CW@@~q@CRc8 z8%^8OEo}UkCb-=Di6b}b-1}Wq21s^RxN{M1zeVmsZ{&_8!^27|jPt$+G`6N#H%*uz zmoiZL&llpw zmoDXNvic`TEPs4~L>~;IkdeVpInVmgYCRyM)lAgDCK{}KFy@$Zti1--Oh{0C()xV( z>2>oQ>1|Uglstg^-i})9_DGn23js8*BfZcJR3h+unmD`}ZJ${^abHKvcf@6)UiL&9 zPjYyYkjx`_>M`F*{#~)bL_2cLda$=44*f_;3hv+`1!z_ceO(Uf#@;c$HZ@u z66yBv7zNxI{+s3v#kwzeoWJ`Ushw8(Hd%)UHZ^RdI&e3m@B4KqS^#kC$Pd{ifMqnY z2Z&|OP!B#L%p{~bY$56CtpRqHNiVcmM)NtzkmE-PJ?UNSv`oO;V_SmJ$)8FV0#WELaeIFk< z#0Q62g8^3N{2V2$dMWUCWBE6}D_Se-PV$-uDh8NJ0gSEpDj^X)Cg2a(fYGt{&G0-L zr}5k+iicg0Mu|!ov~LbhG~uPK0pbi3bjykDXyn-iZuLfv@+Cit#PCe**vgl4SK61z zU1h*@(9tsdpi8T@^@b1P9TJ6m(RT0Iy4DEf(WsWpID5eq5lWx}-!g2+^~sgmr-D{c zN?|FtlBzX!g$#yMo;i7;_Wd@>PrqPXuS+zp#9&qlaVAidIC1^hL-oeF#~+G zQ1WN99SF#;BKmpOh2C}|`e%a&t~(xGf-Xrae0VEH!Uc&#^6AC5-_v{R?aJ9=lJuzf z!Ax^j=Plr5)5e?i{IM>I@R|zYoJ*IfJd9w!buFgzt{#(BiY&AIBx25-4(KG^|E0Mc zJw^xZz#j4UkNdBzTUI9azpjP9cDDcZasRt4%PKV~hYWG}?mMd2W{E1634Hk20aY`d zjBqw*$*{z6f+V2eWIY(@Gytyk^@#V078BQ#AUIu+7XT(1IXRylN1s<%)&sqBxhFo_ z${pU9S_M?F_c*MHJLBE;d#qM~XI*q(VGAoW3#QMl{b3--&waoT^|%yxLDYV8tEOy@ z=lcUW3>Q5W^_ty>Gn)tpRAAPSrKX3og$=1|?aR)Op;reZuSQK9It|}DUpLrirfKXJ z9mA{kX;!m$-&eZH1N0>SpwaO!0?HyGs++|ls*MrS7!5mXi&LZ!J>5>#L0wvy!7w%| zF1yFxv}MMN#|L`vj~8!y2dAq;<+@cLROe!%u1ts z5cw%-`BXwbW8N{dVqmSap>$!Xsk{RG>k!u_BM!$4FNB64`JEM>JK&n8$B8FJBo>mV zpA#jbDYC{U;a*gc#>s>^fI?d8+e;C|HgybAk|<(A7G4;OTi8PBq_V&qHG+Ol0$qWh 
zP-+|PBzKC8);=8rs|4qdl?m`YU|J~H&3;XB^1wy$d8-Iui_^Z6_2*Rl?~3CvM!vpf zbkdyJ1rt-pKf~+IEN{h^y86JmoS~VPvj{9sOTCni3>1`QWWI%Y2*EQGaV&$cd_Rg1 z2@ydVauJWKDk6_eN?ZJLN6K18CYmY{7w|u?T#O{2`DTv!>KJPL82O^_`Yll^Bqhf$ z>AZv55mtKvf?>4vQCUtVn3!~6EO!C$$5#C!F(5A9JhkjoZ>}pTi;ikYJ-*fiKp1@6~tWD#knUA#p9Gieg0d@`PvRg<5_HQ@5{ zI0E+6Y)gp1LOCvw)E8@$@&AQLt?|3adi}J+~Z#7 z@zXTYeIRhgyF%agq=wtA<{!=vCugRYdUPx&hETAhv9;4#BkOXo`W2SdHXwISs5kP; zjJyIYRytWHXYYF8%5rme96NO%AAAtTLfyY99EPt?!MPF_ltjyy_p=vhEwMx^MgC~3 zGOvqM5D|-dZbCR@rdfB+UlR(fu18W8Y|sb%5(`9JX4><7&11YdG`ch7*txUk5-fA3LiHCY?znf5iD|mAtvikziDwKp zd9ES9&%n!1PntaHCvI|)@$%*RdAaOluRn^Pg3GlNDaa*Q$gZV_wicT^FA#XMkQYe- z-MbOaK^RYFzh+5iX4m!M>j9L2HeAK2Kcj_d$8%pz>9*~xM}`e;+lpBgiD<#JYzPRl zps)ysF&ICkFT}Z-6|Q&+iX=leMJ~!jDC1!)AdJQzyDx(XSK&rU#=D>E0;7ACtq@wV zmopxF-J$Pa73Fg@A#YbN3?e|Rgdmf^a#7}UaV8mZI&KIcrITztDuouNq{p053#@uc z*tJgljt=1yL9pLhQT(xURZ47G)EAh5IX8X~3WgU*VUuM@mRG4bCx1$SqqSEj%V~Ctwf@7r8Uw%yteb(qPuUFW3@|Kd0FU) zflgF)4OABh+w(He>)b1xuHEYS-z)8Zf;JidLtEzfhoDW4e;2fQ@t=Tzsxf6j2=4|q z6|-XNuhig%1ECVI@IYc>LVTcDp7gPz_n$i75@om|O)QIAe4E7qCR!p|BDR)T0s{q2 zYd*Fe`{d9#DxLWIbj@-8cuRzSiYW4DCxeiqRsvF8EY|>?!RPj{;QUr3kc1$i$kPPD zO%sgvag#O$Rzd6ZUs)RQRa8VK2s-0-b-HneH4`jY;REhb?F;EG;1L5T0+ApZWs=Mv zq{4`F=-y7%GUn4?W|p>47pH}$PGqi+)1rG!rdjG%1q&6#)Wj;0kX6)7rjJsJA8P$9 zcN$#^?vu1`xlN8>IeAxX7`CNgZnPW%0SW-bIV)R%UQKqAMvqEp@_X{pRjoCQq2QON zO~2?iqT$UYU$OOO(W2(ROf9Ej$C$sf{Ad6?W)zbVokdypO^L?|CdLCq^p)DAUI#a^ z!M0NfLtG#ybwd>uTE6^=dk6G;G}~a;&ueDGD$|&Cv7VZUcbB%y65$dqBi~TnwpXF>V4e#EI;JBStE&m1MOzh`+$}1sU##_f`+ERo z^jMxhLgK`?t<0xFLu?A^X=b_NBAQ@ zZWbE}N^0_g1Nt<6AGcSGC3p9Y2;&zZv*Xj=HCV|}nQ+Ta7%hqsYurHSPYH;g6d`iB z0YAn~$oGW)bJYZrIFoj6Hga=tKX{INb{G2oGypcBba3ZV(XGYOcy>ws(pm${^~khs zmfDf9TEbm(n;F)$*7~zD$9}@unDi297I>wko?+6rT!e}XUiDXFI93Tqn3-M5)H*3Y8#LKAxs@Ek*eD42$kx_xtXo+*puj{rg6dQ8i%yC) z6s_Xw)x^O3x`Ae0{gMMq*B!jgF6E>)=Z_TYm8>e;)RLKI>Fzu`*Bf2O82`#>0zwEj zm%OvthK05h+wk+rxdfZ$hI%Ff^q_X&FG-EE^q_t4&7!Dh(jm-Ct&3IM(`tyLzuxP= zXV7$KlkvrxbPuMuU|wfg%#*RIB|%zt*tGqf?=g)b#t=jftJgJRrBi#(voQSVW0D0^ 
z%GOjCGv~J#F2@VrCdDYYO{f~(GZB3>b$%gwIRs30?;-_u}%Ogi3nGzcdjH^#8#B_&WS!B=>)|DNSk<&ikV9Tjx~fDQOP2 zF}UDiMF%5wNHc+TH#dZ25u%j2CV_z+TBN$9-+7nd3^7uPVZ&+xq?TH&R}NI)5Cl;L zOm#mR)Isp9nbb@10q^1?@MXm4p-ufCqVWrIsPz?~7gVlcx8-_(6$Wp)BlX;oIy<_!102zZu6)30i~Ejy^SXuvkbhD~ z5nzc><8qR9or_W@y9XTM$VLDr`AZO)!yv7l6q{0-IEOK<*}p*Bp$7#YjL{pIG2;$M z#MdhbzU3sNzCcwC#{+EEWMI}VlZ$kH>k@t*;{_~g8}{qEqtEJvM$1>t9U5P~ac2Vz zq<|hrs`-Ye<-P*r$rx!8#Vw|*`&M#zxBt`>s||I#IavkvMKZ=xP(c<5AW>*aA{Bp9 zztyY?RO})_8>;uyvJaAE(nKMn#tOPgo^+%@t|XWD^yB|-;YkRG2!$-C4x1a7Yq|ln zNVlq2p5vZy!QOc#2Nnq5skx_cx-nb(-6Bz?ogzBImzdN3QK^7P=2!AA_ z!h(e)zBD~r0}XikmPdf!16PwGpvp z?JIq+^K1#Ni{QE8o#1HL&OL>MN*cYFB?UhVl#EmNq#s{v_zanj)0fDYP;7u|LYEd6 zGcAo5$H>(7_Huaeu=c%V2Zgr)c|Is3^BbyU87*(e$Of`RlM3%i%SO-4xZlV7m^r8_i<4p@il`-I*Q#Zbb2N zym1s5C%(0p&!I>@iUvLoqKrhpy2=c_2kDb2cUS99a}yTpbx1$ZzB2_X4Zx63dYB@i zOx%(x=@ug&e5lUF#1FCJcWE~S3uk;zWR!`d6RV{zEEu)XqHKZ{+_5MsW&`M@UO*_i z8DR-T^ox(#YX__#94WPQ7RT(m0=}$}B1pUVf0!m6r z_MAplX3==20aJ>~uC4Ch!yn$J_FC`T2bcq=2y@OaBll%BJW4WgC`+7!_;A1E&i!4t z%&Xb*i}hv|^NB#~kPk+SC@pjrXN+oV8#Ibr&COj$&JIOO5C{2O^KOOb917N^VII=i z?aTQaTYDB8KZMK9>Ce{(9KC)Ry^>DBOCz2~TUq}d-ag`VA&Q4(<@{*BcsDuQX z^`L$f_nC@|9esi{d_<}tx4VBsX7ljfYO4;Mk3t^W26B1lWY{%(-e|7l1>5;{hia?+ zx1#m`D$yU46$S?SzesBg^nY#W|I>bc9sa8cz z9b>r6aMsv8K%ZngD8NxH4o|a>+Y@^%LVwmedlunFJ^N+H*1PkQ)|USmd+OOzH<{MK zR1%zpnXP<{xm9a5ShPfsACm7?Fo3dYCG>-1gSW*sD8PD)AykiOAfn)?V5n-a=+W*% zj17~uKqHH8-}wn#z*qN48ger4>h$n|tsSCOjFE#B0>cKr>OWSKNYMxCM{6co9TiYBXFlB{uTdTJfoVl5JJa^GtTSdoOY z4LcI8g`%HoCqUM~R)8tOGsOw`>k!pp;FQ4OP3qbG%m{7?vYXbqHVy16%uXss3%}GW0WSa-Kq@^+HOpu{EdZayg}l7G&v0DhW${d4~T)F2%J@&UxOKvEPVJ~{arR5OUPsz=p{n>gd%COZ?a2}9L7nme2i+cZHl_z*` zy8}1u&F}&GcJiL}4`u1kQuAk7qG$U{ki|gH^!HWf*Wtg~W&Tu?u{rpEt_UuEfk~xT z1s0BTBK1LRbF3lxU>e0n&Gjd-j?h;UdBc0j~i#(50h5$Jt-ajUzG7or$#_GLK*_eL!(c(b~dE~6gG1|xME zm3kdZ%^IXD3{v^M7d7+`G`B`F?-|G`5g3F#;w*W)-5{8hnNdSb424X1HnX+Vc#Zhj zL8%1-{CT^9=xeu@ah8C!-^Kbv5mvh#KZf^$;f!20a0L#|gqnRjSvQfFyoZpzzp0|# 
zwk}vYak7Oz4;C_p&@OL1vO$_Fp#6e`#nQE$1bG~OYg$()K_Zb@xDL&EfC0hN3pvI=00XB+{7oWHE7OryGE%X*G`Qt<;i7|9zW23ZVi zhPz)NX5VqqmTbTsqlDK2N2#B^rc#k1X0VJFj-b z&wo&I>;VC|em&M{H8k7_02r=j=4bPa5ly)ywyTc+I$aV^y!9|vY(gZmcbY}UM?Ari z1gDjR)qviUdi+rISh3M4-!Z%i!yqIf-$ihoYeJD-Xei9@>jblpo@G(2yYzYSu$bnw zVq%WdrO@X^O=w4bkAxPlgUiK|@k$-GQ3mFUeP)D_eqd zqI7%)`W~e@j6a=3!xWq@PHuD}4BW&!_6>Htq zuO4u%91i1alV6sf+YM)iVZo}|riNx!DhwhPG_F=9dh~&is854He%D}!1=HRvwBj{~ zB_qd?qw8mr=i*_uaQbN7(1qa_r557#1cSrok%i+sQD|zm0zdLyV#oR8PtRG}kY)SUX*XfS$>R@#+1DV{5@D=PSXI#SmKurH6n~ZkTwHoXe zU1A^<+P%LaQX`k_bgk3F>!Fr53A$ggHs$5;0hG=Jo&1NA^B3WWfu8xVB@+WZ%OBAg ze^jFXehIPstNyJ>RmWjn^iTVu+w;JZg0GKL{dEbbN|Mt|ttjv9JR9Z5kl*O+gnBKBh|?LJNkl zBf*yevYem3`_H=hz7o;wwg7ig>-C|=Rsvmd1fu)wLqLthBKLtkr~bwXB*>T%BOr$B z3;BWoyv)GO$Wz~y#5K|N_BJ9u^f5K25I5AC>sdf%7w)047B296PzN*0a=)UKO8@+c zVhQKd2yaAESu01sD{?gX$R4w?LaTbOEn?jo@VOl0@e7>6Hnym|*qCgwUwK_#DNfr%@u9k(;?85|U?#8j<>CC9&yqh=fi9)Axf3m#Zt0xgU zs|C0IjU}`7REuC9j2pvO_ynEhib&S^H$w=lyuiMQEuxcq!V*qPxmI8ct#j@burgM? ziX;>>il+M5uqNexlMXUW_x=t)@{ID1=@3L zTqUC!9PC2LllwsjBa!+ivHZ_HiC9ysmg_fT-?D3UCy~0n?Sai*nJhh0n!31fx_%*! 
z7Kc+KEs8`?Xa(|)k;NeH!l3TRe>yViCzy?}bPy;7l7%D0jdrw?G`J3< zF5Wx%OvaxiTw2p78Nx!omiJ|jaYkDAE96PX*NpL@fPF=79d^XG{ z3l@p3tkFM;dSyKzbz3B&_xv&ne%CtQSE)9nogjkgQ^mvf-}08&SlH!zddORw7wJ00~=ji}=Vb)^{~_ zaNfR0$TB%!T<__VCSI+StyD5WWm)5JZBe&-n*11)!u@@#BUpYvi;u;3K($yaUX)Em z!^rgFnfGl;K#M6PNf~3Sk2{22kZZ7=<*2bLR&(94p<0JoC~Wd&v310?)w6IK)as%2 zCsRaWeXQzmth?(Sl<;Fex)_+HGS7_1*w#vOYj>4w_2tJ9M$(L&xCd|%4;XyHXSJ{v zg4hpECLiU8-F+&H>to1c)tl{fa?Xz-B+(nsQYey)JM_m0-cTMM-DiRVUl~k9BJ{5X zTFYZp8IJEGn_8jQzEjGCaxx%TIRst(x{{RX86_fs+;{eXfa=>xzeD=h8h2S@P7!nT zfef+?rOqUAr@6*tJX3o|F61jMPRD?I>3Nr=@MIZf7p|IU?y9O6zX8{inb^L( z`d9E{rRi>6*YKs>pCHM6n6qxi?BcB_rJ(*pvHP=t{ZHG+`WNklfu8lB-dBI_+5gXB zRgvmO^jErt*OS_!79vDvsviS)eSz>8<(w?3@SJ%QT+~+Z_Uaa{3)bMyRhf0h-hL7* z7CPu$O1V-=x$H|CshuE_x66(O%KL5N{IV#-O~;z(-3!kY=`*!4l;rUQ2n!=6A@9Xg zPQjp7?j=>l$qGv)wHXGTnT~Luy&%QMd$>1>*04f=p z&`LQvlorP&*!;^{_!$%G&d3aQ61)IfbgfS`o*jJm+k5AM8D2i=@cuom>=oHU_M6IR zR`YFJ66f6{K2j0@RbS4-scE4~QGeJ$C~RiU6oRGVSP)2s8U_e_9tO_BJZpR!1jV4H zvw&aHl&(?s04&!+h1}^k^b83aOe4`_J1|0y`{gvqJtKaP!scnOa(27+nwWL<3f7_) zUTtb-+yrWsAV51hV3(q2fq)M?lL;_+m8xJN8vrm`Ss+l@HNQbNGKiX7e zUqk(tLQ(>Vjc|6coXy%xF_B~Ubyp#t=&%E#C41NOOC;TJDX^VXrD+C86o#|td(F@$ z27;Dqco*&mgDiMdp)gGyxX%w~@o?azYs~DC36?2uwuEYLf#F&+RAaKr4LxZ`_$r?o z?s1u)}hitn#?hr3lOGgg!J`rI}lrNu&!C zI51J74jNqAYI}!$jM;bKBfR(DyHYG_$)ic96+tGGw!}fFWR+HIsCQTr4FrAywbkc@ zqg!9LD9iFK8|<98x4Reuz+1d!n=_}A%xOcX+!s!yvfhGb@ngiYbkzQDd4+CeX|#5( z;wIJBom&q6)kvVYnp9q6U6G12SH82)!H-JuctP|>8;XuE&`Say3e9sp;~^&Q%mPOfDAB;de0BXL|`mA?@MGi4)<^;-j#okPW-Bp z|4Te#U}XNU;`tADAzw4KfAvyqQkAjUVE@yyuZm{*DEzgy@Eeco7Ah9LdSRF^4>Hdz zB8eS=0<6RkOl`_z%9T7`Gm=H!RB@6eRK948&5<3h7Z`2c?z%&#an#+p3~-S%`KnTq zEPC}&(*;wDDM)-%MH%E+2(NmtNZ5UOTLw(ZkwDKg&ql zqSZQx*|th^!Ptr?&}&y~iQ(Z}wv^6<9fmM*p#-25A2Ai)o!lKzJ=8InSNa-3vOgFv zFnmAcm*|rNXP|Rr^n3EB9j?%4Ganl@8jW^0*5!&D5%DIbG5aLxYmGgIOSTpECRG zNIGi0Dr){OWHNR)qrRDQ*U@J9&gndTxL)%u|5%N!pPgXXM`lpAJ;+0Vk4dAH@R*!a zcLpN1f^k}yLqea+Ij1b(1#UXf3slh>cOapFseuomkAiC2Pr_8BQr>_;H4P&_=eht# 
z{WSE18ES2~47m}SHm`@fJ%HUaaX3~Eg}1LLF0jki>IvrpkcD1L-E>+!A{GNI^dJ%1 zx2jcwkI{}df9;2m^m>dnKbRHqaJ|Z&m_5(#&N#>7--qH2d%1`W5@lO8f1aaNOXZ7& zrm~O!2D5P8dC~QsNeLkiX>Liv2*?#c(5#OAqyW9ulJS)NozFSr_=CroHZ_X)c~;t%@M~D9vH>l zGO&aglxy`d)ZK9Cic?k2FuIg|0o;B!PKb(ZoQe15s$)U>>9cdn3|X%ouZbY=cWf4g zT}alcXAt*RN-^?l3EF`q0#D1_YjnGL^<~}VcMgg%z>|$EM3@f}^~vOEj|z_Pc!S;+ zjvn072i+*%^1z2)qpdsthl`_IL>Uc@1QGaw*-EivT^n7q*k)C5&Udi7Tr5>JD>AfR zm`l$?>Ajt~OD&RmjGK#_)Ai~;`rq6y*J8(bIwvkh|L{ioi-N^L|6lze`#<%A?Eebo zUvzq#^{KcFwN%XKD>KT@qE>M6oP8^Qg`)V0NQK1^|}d)Kj%Mgr`Ly5W0VCI z_+Xp-g0{Y7YSWcFws52ky^Ahe!DTn*`+eMO)Uz#_SkVW9GleZXcYO}8yyDEp!J;V# zPr)jT{9Az(+Mt8;A-v~8^h}h-P~7frI>u}8g~J@$z~7-KestSt!be8ljZML4W*dFa z#8~mOvrx7yq1Myjb+EkFj#%q5k6UI5KZbhneMJJ*4|RhzKrn$ERwPFVFZAEqRYujW z?qj7IBwk63O*@ zp;BTm`rCQ=xP{|hz%BYQ1f6*t-g{J;0rBDsC4uU;ahx8JW zgLlXtFaPp`_2J9R14SbnE;AEbCJTo_$`=+*>uH=*IYPxDiegBhS0Qata3BPu8G!BsV>UCsll4#|#a(=d;F4#lqeJ?+a)@nv%s@@tY zXq9RtVunH2AbDz{YWnhpM7Daz#y41|j{EQOHH?Q}#<^=!xrx_@v)^`RnF$WAA+TPV zmopqTXEKPlG5G)*mz3N80ZD(tv!U zaQo7wp!3;@n|{-{$m%tF94JU64wED3c$BrKqr=CX-@T7|BDk~eguOrqOC%+R#K%=Y zgytgCI@e5exEsBoi@eLUfI%WD^phxv99LN?)44Tk(3?U8%z0%U?xQC~kWoSpM8F7g z{j5|cdYk=z|1!1QjtmH{4~`J|hugXp#`cC;HxBkH)>28*0$nghUeqXyVg6AR5+6rP4NwN-zeyDJ%=5`k0?u=h14v;DDfkWQmlX zz1Uk6T`zg>;*@ZkDZ3uSU3dd1`XM-?NL@@i=pzbgAth>y)b>PLs+XDW%_d9h8{f?`$Y*;FrXVpNX`(6_u@rVcphd zA|z&S_xJ34WD}Vk^P{>^HuiQfIj}W~X*AY-iitq?p>=p#Dl-j>b`?8-RHrm+>y@5O zdM|@%lBC2nDf!eOHH4il{qEn{k3%=r-Q&h91wnb#BFbx_n;Zr;a;!qVzH`@__gOXe zxEAEXr^`@PYb`eQ6>0=uH16KY7z@J!Q_)84=wVVCBS<~0yzjJH)<84U~ z{dMbHFT-dtPlOqiw9u;80dN#%`QZlRAd5sdt*KIuodVvE#MEzkE^ZT$leRcfO2)_? 
z7Nm-SLj=w8Y-OnRmAnD7lIDH|r$FqxLMFibEJ#2~a7zh9;KOa6Eq|cTq5`y|)$BS1 ze;GB!VHkeprce++CqzO-;aB__!GIz!InP`eOXKhI)Z!3I#_aBc;yLEu(OaOi?>nD3 zh(N3)nIGn2&xmTTv`V)3(GPRnkFHLsp`~tagrZjT-I+?YUEdu}L0o9$hX3exL6jk_ znHv!??hyJ{e?ky}gzPnVuTXQKN1ft$zsp1=v#R}pc4R(AHI9fuytGi{LpzL+YUmz~ zygu=&s4uw)2|f0_uie!Wu4T&@<uV8`uD@f;18aLJS&sP^lC6iyY!u2H?|Gh{VkfBVRgDW)b1ZSm8kU}FfG!_ zQK%+^*>DYO-c;Me`8nPpZc$fefTd+V;M-i&Nipgyl6n0nhWbCW)_f zh{Dbb`u#5L@k`9?&T5p4vOoyUJyTUk}-h(QC^xwy`1dWmVKG%hhl9Mkl#q z>S;p1vQ9ZyFq7W8U+Y5ZJ9_^zNHw+KR2!JXrb|E52b;Lqm_j6WA}EPNIg-YlutQY|I0c&zo9jb^rc2Lh{nTCrHBb*WWSvKfwC~ zqwN3jgJ$@`809d{pWI$>S$Sq*_dRlzH(F11{Ee2P`4%=8`UG1Lef}` z5G6j`LXWRoNK#T!OFT|SiX=`X%?5X866*+85K-WydT%;?H^mAv34+izrP`lZqn~ha zXXyusS$q}$T`u%y%lq3K{w+BDraDm1QE0q?DC6ivu2?kwP>!Q)KKd=GE7;W?UjR8_ zg$lZWH&*9{x3*Ay=>8KQ$co!F#mSs55`MTUaTtM)D6#InKz5Xt!o`JON003gIvXgf zq&O5-RppQJ%bv%$D@U;hgs)(2oRKv`5{X13`V2Bdj*<7{AhGEu>}AR1{4?ed8n&wV zV4wm`C~G}3Ljpqvzf~5j6el4+;m*Ls7*^-N=4Nh1+ z-nRO3jY8t)3a8W0AeGJvIN6@EY)#u9nP%_~Z3bi| z%l3Tkd_HFmMCXth&er$Bbu;fiUYa+!#Rqaftyain5@UodOkz=!n3}4M@R_gC6QA1CX4%!eYM_m(ClY3og8U~=@+zO-botryq;>G&1#R~<^^a;o)3dXrs} zzVbn3^ad4027Td^Vc(~JUdE3X>B4tmQn5YA{GXO&wRO((p_1-$TDp7xA7kGXoN2qP zJ;B7bZQHgpv28n<*vZ7Uor!JRwr$(_GvBVg)~ec5^{>3U#9a)Lvt2GqoD0uWRaEh1ktlJS}D`VDie2yrDkN@*{SMGmR~0TzSP*= zU#i7FCE!oBU}ydJwuqko|C(jf(=+^6ZrNY)uK(T^u^8V|v$HNrR{{9-NCV$hEdfzS zSYAlv3eGq~pG9rr7c9x-Hi!`}qX8d%w?5VAiFZZ!ivNp zs%1C1Ch#Q-*~#wACq-HhVYRp5beq2PYZPEc5DF}Txeso8-xyvD;UNXc)GxU`$Ud(9 zeD<4h`Rq>HJ6kga5kR+tT{e`qJ@4J>7OCKX*(C*rW_$weI)|3+D3vX0MPDInYlO=6 z@P$oubMj*fEMKZDG)t&eK*8R-8nH<224ZzN0>$I2m~!93M(|OCp|xk2rE(G>4lFjx z;Vz(A!BjZU!ZWZ%s3hN~j7-IK8yPG(DRa5bhp;OH0@5a(%T#xFJ%w+Dsefqsv0Dla zrycP1EEY4NfvY!w3E?P>OA-}35WflueX*RPvC#zHm8sB#xea!kRsv11_u>lZuEa+` zTtPWEEMpc{$>tKp8|~>DlrN$9J#JMANvb;9`;P!>H_@>|i_I2d5Vt3-7W&CM2ZiCN z;xGF9a92&?HCmHLn3GBvR+y4@)LUXSHpa0Uh0W%LQeR|HfczuA7iz?>6CL>dj?Jr;`nOS zpvs4@exhSiVk^NPmxtz`Cw6ozW;$GuE)@vf&@hnCJ749u4^S*_;$ZQeLX}!MpO5$c zxj~?+5HwHX1{W=dws({e%?c^W7!1DeE4CVakB%FcQ|TmXn07+p$ouY{%8}efEG??N 
zlVTC!;>verXzKm+M;7r@lS)DJYH4Qt?s{zoIhIJIB~D|Z^(u|r{km+4N@}^5a=(#D#e7>tb3YYP#Sw-6sshj4g|RH<54H8Lm#H%>!Q z$bOrKDRu(2UoG#()nUinh2xXdLNP3+W8BCKxr9J5N3u`tH0xg;?LxFe(fewXmpGDy zL%QUUYA-=!yLi==R}Q8Ju@O5dR^%y?_L5rDVDX35i9;F6_&Av=c{ff) zWVax|X>iw>Co*tx09BPDfq6y}7&Bhz?2Zv-1i%Vw;Upa8gUi!iWg{)&vRnJu+akb> zKp5%$$(+;;!2#aC8{l*QvOh#_i}Z5HN76fz_;oN*8vM$cER+BE!g*LU^n6rjn#2~( zfTREmr~_d$!?CR4(5}8}vd6eKK(CBU6;4A%C1D_KS+j74lVnsrLjAMCk$pgmF3IFn zI&iZO{#SJ}j*nJy%4w)Btn9b7jqca}fucH!(IM82a4GAyYA}x^iFBrAQ42#!7Qb|P zWlG>NI?)jgm1x}(NGU$lFHr2-kqy8#2^niV$f9XjL0kor`cckg4w(ra`A}6D^uY>j z2XRWgm69(55y^B2K{lzVH7H(R9jRiwh8G)?tyO`xDx)Cn$}iIY@Jnne<(oaM?n4@l-LrFN1ymx! zQq`mCV?IY=SrxDh^*b95Aed8z8=+Z#u6Wm6;elvcE~Idy3j&ww4$cnqS$Jd>9ke~2 zJb0@WuX_D_QxNSIS{3yWTucdwH+SMw31b}8H(InLY{h=KFEpTTQ!|IOi5UKYTqUO# zp*SftIHErvUtcq_fSl}zw`F)EnxC9|n8evCND|Fk#l&4u?te$8txg_0iXeK`wjlL( zRYzW>0D?I3qG>RFPDD6GP6)%N8JYPhf>sXZI58V7Bz9IBF@w&#aop`3i^dm;M6aJF zd&%RG`N^gjAire)RbBE6hL@LdBueQXM!Y1>q%o(o6u-`;b(OG2bMv-ct_x}+MtCl? z{8Nktzf~;0+*wM)kLpzIZKmEZY(E655%MyqUtPN(s57$6^OrHw(!a%a_J6FN?p!m$ z6xjOf@n|t}u0GdA4b4l4;m1r&&wXCaEH%F2g3KA1v81LZ&RvyRY4DHJSRUpgVkufE zn1F}GV=#$WLy<^MzZ%X;GP6pea5Q3c8j?lJ8{E&F`Pw9LRUc+7VSbi2f5#uAS>|M{ zrs0k}+<`1Dx*p?T75x-cq#a++PH6?D;L2=`vo31gjN0%b!1_w%L~t)BYR7U7MG)ib z1av>RP!wsQ5aFXPWw@4pxjcG|AwM>9b$hSTy??z~>}ciX&;bC#?Nj_qHTVbO|8)5O zU=GnU{cRrjC)VlzdrTis`iHC-boqkpa7t69Cmf3O+u&q8_q$(D+B`w9K5VGaDizUm zj3MarBeujx^x0fkJl&6H$f_V(lLPeFJd;0Td%JU|EArb5p58JD(psq+h(KSL;2T*5 zU#Jj&p1<%`+3V{hz&Wz+W1PyBMkob15s|MWJk$shQHPNbnSUJwPuJkxrH_2Bq8NTV zEDx7Qitkpu=Noa8q<>|1_CqE(nUWA)G(B-RY+QJSd#$Du?TTlwRpx0!U^BB5=&xG8>z%C$FDNFQ4b8EDLmQ+lLyUG*F#~{Z5*)&Q#B6C08fA>zQjoEw2))EdbFv zf%vV9b6Qc|Pco>;)1LXd)~vb7yD@P%7!Y%9?&bmjDGrW2+z|kNPo|F%BqW3MwH-R* zt(AEEK8nD^_LX;_0yA;KL|DNTfL?~z?P19r}u>e%F_*@?FW z$(4Z-=@K9Ek;o+kT=VyK*ZIuKe#Ku{@nAh>)zY+vo9ep>^DHrwViEXqVkwyv#mQ#a z`ySeT{keTaVIeTrEyUMbbaH~MNe&zBMbA4IX#-5lriF%X7H!r6lq6p*9QQA3mDQ!U zO~nH>wt+20NuE23W=EW<)}fOsO`k zdQiT?tW(Uaz^qEb>=gd0J78kb+-I?K6(ZO}SQV3!LUIlJwdG?H-y$%%UgV;rY(hvV 
zsrL^-&OPX>3As#BJ$O3bR(Bgth3-6sT1tdd4`u#&a# z`Kw~Ovghh&^QNQtpe3++7rJ3GNf7CO2xLJamKUsr7)c zdU@SRYvYzn&#v2vv}b#Ni>mJA)_|RYV|!P;KJzggjQ#w9!nE~cL~FxEi`C|^e`Dpb zwf)dYUdU8+bnE$j%41&A_@QqL0buW%A{~69AHE-v71jrT?Fg{!d3`rTdTf zHS1q4M)d#CF8=@cP?ofr<%8?EtW3r%#|vA$Mg-5VL$U)SqfTT~pEoJl+-s|DVh?bvXaAuE8kY!m*%YB2rrnPr~qNyec#y1$+DZ?Jqsj zauMy2unESJUtZ_`Jhc4X9L3Ur!%8sP|1s;g5by1Co3+ zD?{J!Yqm_Z1>)7CLAg#kcV@hSC{VDRwkEhun1p-U!_Y*6_w;OA|1d^y92Sj24)>2j zCT)s2pW0~nX;vl<+gdP*@>c2T&zm~X#V$YO6+dZ0^DG!nnFuS!f&uPkLNsHuv>@_9iGsaUnlM+3B5dSh=+OWHZ~c&n`_oE2C-c(|3vo$ z6O-0!&?pXIw2e>@FLgo*81`X3Emv-aKqT*(=&5fD5sx4n6`xmR#A*i$s@^vnW!9*0 zqD((u{U7ztJs;fak}UbmM0UQ-1jOQWj^%+|{tbGKg%7dHfE>q+|C_TcVpRlg5CQ_w`Gdg|e?{d!9Dnveei_Hd z2N=rS$sxtzB@@KCju4rNyq$@snszWDip?Du19Vme^=chB$F+yyMZ^BRa~lF-J{7b8Cn`OolR!1V67vrWPW-$dKft<3h}crL1`wKesk4JnOYh+}zQ+a$;nQ z(2%P5nwpfRJs`IrQD4*u7Qj5&%j2kt>Bkxl6z4VUqGqZ~4Qj>O;SGF%<)akT_!FL@ z>4{_y1WiA4>L-3+D|J#=J~xP)YU?FHKvt~VVUK0=g*i|l#WOnqzNFk126V1{Ew$Zx zbE)k7JoA8GmJ3K)cO;5J2P&9)J%!Suxed_5di#ZimnAu<{fwR3&!s%CkZGP8hy0NaG|10}I~MBl zd{?PBx&A_W&U+HzI42IdQ37>&XJBrHlz{-m;;AqzW9$qfDyanODk}^jY9IQRvmQ^z zjNEq{PLdotp#)AC$UPspn8RdqkkG|;o4Si75L#Pn5urHaN^IT~R?7Yjm|U}_sBGbZ z{+c4R7|mzpE?|uGkrvL5wyKL+0w_)@4?(wQ17K!$K`r%zHKUNF^?pSp13k`RSQkT; zdmxnXha&)nsX?J3D;Vjmj|`@2aWwXPx3n+ldZ>r;U zG8f!S&E&^19^k985?xkNbih*@DZAmVFihz8)~*WYNnF1ne7;XPrmIsBIg~0q$fYyD zC@lUU-sNy1ddt);?6%D}Y$5pJTROjStt;zyGw@rY&`q81xUAhtU3u-qd`SC-ID&~H zL^2-H)2ERt?hd*Sv}-8eXEBsxA%Q4~Bd83|lRWh`=H>2zzq}4u2GfWLZ%wOx(w5Wn z8OyvCIQGUfyJZ&YxoqWpFB(#jgCuiu3^{4g&@`uXvDE2xnJtp(Fgo)=Qe`lgY7`*g z>Xf8*Iko^*?4iHT=B3C(iR9+h!^s(}vsnjES|`cFViE+HpPlw!PAZr{2tNCn5LEZ2 zIYHfnqEx-tsI<2G(p-dU7y|}3g{QK|fIQJ^>LQu@uMH=0wjwiMF(Sm;-a4MOc!Z1y zI($O0!9=p6U3-31R#CCZM76@3`DcD(H|cxIjRt+ST7Jy4)F%ta*CZov4OwSPRj8)d zQPIJv3COcDFSGrTsf1;yZ?JgGKl-~OdLO{a)@+pdT!P3Qv;D3`Ih~O}cMJn2`rA36 zU)7nvD}@?>2*`+_vA=Icj1N<>ayIKrAqO(ot}3pdL(fxIYf8`F*DB7{7RmT7zb#M_|HMYb6)_A5Z* z)b2KsyXjfpIql)@oO~#m%~Y^x8z?=K5Zq35_CJ+zdWATVs|U1B!uiNCIC`1*)QUGV 
z@PJrL4`^J)q-epWmMXIJpGGuO;Uv#I@GV9$j~~z8#4qj5TpYutgIdTqnnbfwy7mKG zq^Wk&>4`GVgZ1t-$<0#bEp<-T**V3K3<9b=y#$tOepVBqnYpxNA-r`xm~#$stBt2R zlhz9lZhz^*aqZr6p@?R5>3FBdI$II{dC@>@LUfjTC`;vyCsP5kQe$G0Vq@V>FV|$d zs)StQ;CYZMCuiB2H^Gu=(F^GbU4Mu9qmlTm$sA_EFU_DQX&UouR|eun+u{ZFKqpey zv8GDzl^q15?>UcNs4-ADRbOyFLWnpc3w@IMRFSUdoD43RleJ%1(BmwFJt+}jk3WS^ zmDvbJ;#idI@XIUwjPU|tjbW7{a5j`J9L1egBbnT4`bndI685r=!@Ib~8`6bM7X*s7 z|4cP;^d))55lYe(u0EewrdAi!{YWvC#WVI{$ze?j5gi?n0o4knXeWG1Gc~fR~4)W%jDFs zES@hp11*1N^g8O2zo+Vyo}}MkDEw;fl9Bjzv{tIw|GSTD*O1e=P|FEHE@%?~~K~rx^{1KKW zMgg~``fdc%I^F|Hk~8TUv>~~ye?+bDu)X#oUD{z;a@?mhW=vpEmV33xllV^nm7@j` zPD4Fe789cw<7wJhOBOIn1NZIjvaVUn8o489UgpIX#@xWna7f4{y{HvVI23ZKSyOoP zFd6mwK9u;#Y|2@u1NCF(ruCVeyHF_o*`GXL;p=i$_&UhD;h>uzR`xUT35Z-EqS}M1 zCd}aD*1d}xL6=#Cz$3npll#))eU;H5&G6|M&sZzAlRliBHh@H(t*2sxo&o$))@k?Xq#dvjsM>u(k zIQc_A>Jqt_hbqwZ z>fM&G?{J)=RJVg~4#_iC>a!6ASe(@ zz6tN-p7ifn##)`PSG58Z$Zn#qf?xXzs$&Vn|9sf=Hs*H-Vg3@pi5<*H>8*_rvDADKQ=NU~Np9T_f0WwYeJ__|AEiwV(0>u~~CK((IM07J19r~d8SJKoVW!`XFVjos_#8QVCOF!ntn z63+3=y5w0z$J*!p_9^sTzxbO!|%g`zh zLTTy>t_nB~Hk=e^er0kPGFL`lShA#LD1=KnetHSU<9Dr`JP#xIkhfT zO&@Rr;v7PlPj{mH%#_;bQRaffh|ATi?LKxfWP3mO<0|M%DbSQjw-W3=)A zU8?mf%l%IrR%KITgKAkwjgk0w4m@dvGQO6UiXd(z&p*61{1_PV0_Lf&I4ojfnKH|v z8E4W}KeG*&!OIJtXN25nzP&Hv+RE0V6GS~YSd--9mq1ewew$OnFq*^_Bo$O?%lUPa z7H9`vx2YOM8|7E5AkM)LMgAx$ynYo9SaB#}Os+ta{zIQ=x={kae&H*}_ZO(x?;%;- z;1gk6o>O_;MBnh$lKY}*#L;M9@IamMPs-nW)=ASD1|obD5N3KLC`*&gU#u#hMO+jw z@gv3d?9-`d=HVN~lv1 zkqz@J=}za#OXqcfscn8mJVkc2ZI|~_HS4Kc{sjNEolg8|-tCCln}RHniueQL=qPxM zJ$`!C`uBG|xB>(OdWz1)Gd9EoU0wE7iTPqTTpan2tyG#>s&EEb))`y`mx@pIE;5K& z!7jKhWD~behoV4-@@p`Q4uzGMkv?|oto~a%Es<+IwF^5Af~QaxY!@si5b%{V?qSv0 zkQLQHVLk|r&cnO0`Pw${UM;j)hmHajRqFwca`<_$;U))+k=Y+-2GK&gsIS=Gk&mtyqW2vGmkLc= zH4Pe#?~SO@&|!qTlfm?89Z5?kY&V)&KI@mjdD69mFl9{^s^3NG*??y3wd4j!-6e)% zy@io64-IndY*3esY$@>5tO5dMFytgF^%EC0IoZZ~a={)-7V0rImF5l49tzp&Xkl0p zucIv3_W0@x-C4_lqO0fP+#si5FARV3j)lAVvZX!_k{@!3_p&#~Ogv4`xc)k-t6gP| zG=;HIRtbwq@{XAh&m!FCnvy!n@>_gi%gIpW=swF5mBCqO1jpq?dH=1r1c=c9p;XOi 
zAc?lp0z3eivpThdws=}nx76$PX&~&VZ}p)SaDTBPo4~}Bf7wthvpk8cUT0AL$y<{; zwu3KsnRLl?zVGh#kO{oIDSqfIl2(4Q2W|^l2OjnFN$U^GOf9V;ijp;U^lg?*@Y25% zz>23Y_b<)&U)DHZ!M^|NBK@UL{9E&7`mdVrAGOl|^2SlVc;h-XE~hOhm{R~|y1K!7 zp!12mEUV_k#KJxwPjb$&h1KpuZfGEiGG{*cSwo`YlaGIrblO=a%ba+q(BfBebZM11 z^w9XXc35Hbb-(n82r}EMmmi<*!4F_nu7=be67a;n0YuR#6FySD+riHPZqW@BN;oz>ir2ILCKB_2G0r?xhWlWHjojA??1AE($+Yc*gZ0_(`~^}(f3cCMg9`M=o)(2JWyZo-G4 z25w~t${{FzLlda$Q;(-MPPV9|Nhh5gW(aw&`uYdz21D-hlUi;BjEfHWBY=p7UVO9U+C5?d%Oc*nD#fx`aZ3~rJOmKY$U&nC^I?HgE;X~csJJ5_ zm*ns0!QUpmTyApUUCHkf8!{%}sx_?Sb+2K1fl*ud@iu_kCbU-F}EL8Dt0)7G=d&o4v1o)511 zF+LtT^RKaae_K|S{o7FZ&sY8D^~u8e9{^zf%QBpS`M+9*f6*)*^8SaCmAD=%j79}s z$2!=m!M+r-h+iM92t#N(mG9Hd=wDwl5+yr%r58}QA@5oh2)$mp+2+OM=GSEcx0J_Q zl<+ue037&$wj_wWVO}3(#MgPv5M){(!k?4m&a$%ZeUmKc^AWFnWg$R@x%7l7W?w02 z3^y(7cwP$^JK_#{8RyMC@Wuv%M&z>5Iyl)_rCxLOF1u0G_qyX`nuMfF^`L?;WN{EY zS}|m}9-?pZV9L8qA}wd}Gdh>$Dmy>sH&tuZWRub#q9qWDY9wLGs0(JrTm3Hl>ookF z(QBvyuW{Nq@FeKd5OlE6wfbT47JQca+yIJNRWYPaz@k?jjM&8(dCb|B2MQQ;`2bXS zKm$4PBwnwThEK7>Zwl*xGJKVq)W&c=XkRaB9LtjT+k=IokBGq51#e`xx1v1hb5NA#QVvOHVq)p@&J$VSr0XR;o6aw`>au?!bc94I0 zsS*6I)(POCn07w1S zOm_VXiMa?=URB&*3lw68(&lvTTzHO9RNLH4qi{We(9=D>x}I4q0e-9tKcPNRQL~}Y zY+T3|p`4cDBv;f-eO`>hq42kkmG@68M&v@W%n&Hv%@Y|IxkRMjnBqhaJ!k3mwHp(& zR&@h1I2ylqK*@}@$z)g87>9gLbLxW{B;)P%CZaz-@_tNfZhh~0*YPG%rtB5(=Jomn zu5l2f8I`}_3^d*gR-~$~X_)v?Bw-n%wAqZ&318}5I?X(nCDRfXJjxLH1`WOI)%J7- z4HWd<7Z)2p6Drv~B`1w$J4nErOWpD_J6dKCEM*OZ<8_x-VxPXBlK| zZA@9`OyI*YD|25MHTqjh5;Y7hBQMHK8e3aFE+wh}a)5GH8^wI0pct;jN=F`Uc0pMoq zr`Oi&hwviVGgV8`3G%MD2_J4VPcAK&;0raaOHFy@H|TZ}kL1eD02cX>yFHP{53i~| z!iUMJeA6>JCKdW%HHLhNkJnN?|L(7}0zrY>WOCDuvl?AFC))6->~`peGy=;EW* z)Q^=FoJxwXd)*Db?;42&-)rVeE|p%8?fT>U#LDF+$Q&WxrxMc@k7zs;LoC1ccWj10 z;Llk49QZxyuaWb4(nmhF5I^vZfUV`3&HpPPa95=}n5zkfqwY_99I+knaD1%k3_H3e zs(y9d=J65&^RDZC(ZqG*AKc;>xIQ8#Y4op;+iR$gx>HgND4Gq-LT8~GR<};K=`qq0!@MBXN zszrs&7CvS$ z#`6sl8rqo`CVR~EfKQ1!-BOITScTjD(>B^SA~`n`D$<-|hxoIZUg0f{m;vj_+ 
z2kDb4VS37jOLDT-%i;{gOR60i^06G_Jhj{kTo*5(ohBrq;Gqe#|6rW2E`%IF&fuq2$qYJoAxAbvliat2)mgm1?iQUoB&p zsApz6WNIN z2XQF9gP`ZHVB%Iq2RVl)Kg;HB+hL;E1F+kk@b{GAOgdUl`-s_4Ew^nXuc{{aYKFFe z=apL*76%G4CKD8ND@F2>`>$~OEz+Dm3AIQT9z26qaif>6HO5H#=HH>N=%v$41k*uE z0-u77u<*D)Gsx9K`bB0xEg$@g8stSXxf>@99h1Zlex8}UcLinvtlr#f`O~=X$o|+Q zX0n71j7`k>7B9qho@UT_%EjepNDuzb`8|lm;9kDGO0DU;a$GxVkZg}?fw0|{R*%+Z zWqL5tOSN2=(-ml!LD2DEK>QCf|JfU{{M&+-f%R`7{)Ykb|D8+Qzn-rD@_L+BP1u7K zZ!cJ;QO65&0|IhaJ@ZW*U};4-j*bTcdfnv|lnCjZA;7G&*Y8GnX1jgbfV#vFQ4o8Y z-7IB!d8P@jkC5MrQWKp$h9UufM~wr#F;nyDHbuTR{rupO;0C;FED6*>4UiW=PpVQC z24D|N|G2SBH?A_xYrL|)R*5gPlOrOhvd(LC!L`=q5U+Ky$=yVmE+WfrH}qwq-Z2At zri!Q)SKZrcNjQyg=lcjcEfKKLt0=IiV_i9xVAWd!)l8L1<~9^hwGGb`$B~__37Gzg zF*y+bnfowA&HsxTkYy>?9z}V@XH^WcF{|>>p}5XINH^F{UP)TzHUp%gN4#8y9Z#_l z9tO-H0wTgRmD`fcu!X&hMS|6>9e0^p*`Bx*O}CogKOk78%Ib$I(F7GsHOT7p=wWYd7XW~$HJD z!|<6i6QD$7962=hu1(a}IUqVzH|WE*iAmZ%M(G3Omp4%o9O64~U@;GGzaVL+%kt&& zM2$}~m%Vc$j1C?xn;)@sHmh_2Vez(Z^*_pZu$Lk(Qd5%yMM{~?B8VE|h-|`)NkiQI z5UP*|hD$60d|3i8?{u~BIE2J0`B&9MU-i|0s}=%3Uo!LFWA=XbC?Siq`0~w()cp5$)MM}E?kOR1)M*O~Ra@=p zt2gTWCsKc)U(MzYZCg|b>%5&b4CH#QdMh;S$SWyO@Y|U>KfSs<@p?$%E<|-f)iR4B z_mWP~;KMD<&Cc&I(${+uFN1e9_<^<(Por5PoFv!Hjv5uV60#jXSef8oir25^?s@YP z727b>2~J_{^F85`Un?+m6OWasT3ikEq~Vja8Cd8A#gX4Y=xcT{)(@yqkE-*T0G*dp z95m7Qwr;yOo~R}35f!o{s|JT)(y=h=nt;??mQ$$KIo~4i>z^|9O|{D3v=xNCFHD*E zFd;-Ryc5BZ6`9uTn`d6Vdhuu2rR}nygwj!O1&!Bk<6p|yGq?9fXKjQ8v32Zr0jB#* zE?zQHGgurWTRc2d91xzLPP4~lr#E9bRR5w6VfYtQjh>$IKWf_Fs5uP(9X03AH1g*@ zeyVczG-D{DFQk^$+-%KgH8{=|$-(33<|Fn?KpK$Yo5aHO$G#_IGz4{PaGyPbEYZ&S z#jEO3W{|jq;D?!)iPB~7csRtOWQe!rbedEl6VA@12UpRuAw4Oj`za1DHc#he0f29+ zj+!tpt#3`Xa834p3u=r)>h|Orm$+zMncL;j`^~0yD#`6LUBSN6<@$J$WNP^A^lO$| zCyl#~8~nLDME)^XO1LSDblfx>%5htTV)eEA@aK$hqWIy_3fcMb3Wg1X!oVQUa6)+? 
zYckp>(T02aJ3fa4J1?kll1!-IoV3Mj$Ot?M1?3Y_JeA;B2T*`Ob?@ z*#8*~C*j?FH?!o75gc5X(>Q@R92|F6Rs0DT=*}yp^(ndS67Xz!N9KERUr7iZxX@ko z+F??ubTj-CII)g?xkgWp^w0zQux(D9>dF$H%c{6NU+ii6>&JVf5mPFfPP8My54Ii* z`W=n65MX?_yRjer1tE2`cCY-5i`Gxo5Xt))wkD3$1$@cbB+(I-gQQ;-m#>YzDsj#=Rd-GsLC?C9+dmlF zU!M+vxR4|Yu;F9E;l(oV+^-<)x#@Sq&L!MDvN^R0@$J~r&jm~o-OP5fU}jHx5q~lS8J&e@x=gQ1huZTAD82i*=E>e z%*m#1(xXQylT0hi#a$0?!92(Y<)Cc{F@&>**fghW-%+oDC{hj4|l&`|m~lPc|r02-(@dMkGW zM7+FWfUsZfxwmdQSe0*iGsoOPders)9%xC2Q~WBJbo`gj%ClH6kW z`$CMDYfRE-T?^_jFlTV~Cz4swG2`FS{BF2yE~mb+1RP+ALdmWt8Z3a3&`akjxQ zZQNf3iPnN2BuWZgq_oY#%vUuN4d;r~nyU~Rg%vBv{G5AQ&h+d}+ghsX-3l@o@?vo9 zx^W|nM6`B6JIpCq6N~~StAt2e+B{`~rf3kFz`Y5Lmut6|XC)Fh0^7Om8^enyK&G(V ziEv0rLXhS)F(IyZOL!W=LYGvbikz?7U+LYR!D4>#FHJEa^ zn_h3b+pu0w&8Vb$tuRgyL8@+p^L4DwBv*EBnkZS{=aQ0I{k@MuRzQgTR0?S887FQo zelghDb+h%0#+1J7(6nX(r;-VBwb&68J@VlCl~E5DXKoP*IUFqva? zE@AJN0W`FC{W?LbiOI`gw3({tEG}P1n<(YM4IHbtV<%jnil!3n5!>}I&%}(~#Bu~l zv4F@at2YxteSVV0Gr+fQW;XIX@ry|X&UcY`z1mVunX!Q~AcARz_~2r551CzUCsJR< zDcn6eL|(fQkx zlWc&>$*XMw^=?IF|M(pWbo@iA)mlp=+p#*EcBupOk9VW42`T5-=?Boz|DP z^ML$^JV72yPX|C(r3`596VXB%V#sS1f8rGcdGj3%|^v(Be)ZDX;$sqIJ5QBV!dSQorc{_ds8Mso(6~%&Y@A%g9 zlC5}5j>sr4nTDX5x7R1@1_PGvT=o@Tpx$;j^C;3$dn~9QUcktq@laAs+UL93dX|K6$pgm(Wwcj`$x+ulP=?7n8Q|O!~80ej5-E!$B-85BsxHB{+jZz~unu zWE1>7lh2#>1v5359LoJ_yl$}*n-1^y)-DA)@e(q=Yo1jnZ+E`@q|1C_KAU+An9AeQ zkgn!spsqH5v2J&28iO2lLKj?gG=> z$xLQx(L5cA+trELM>a)Ft%7$`Sx&lxOxMhTl^AxhS$W2z*(*-z7uBeQyu}KgiZYy0 zpPxn;9KX9qL4r}E+ zDD5-qBs7Iw#OHq=v!(t%S^ViGvNEfY*1m;pIk8a2LLv0#8eBx>4FfdR8(IT)Ew966 zt@cUWg;^g9@*_jdf&jRwH8K6l8Get%p3 z255?VUZ+>#?&Vp!zM))t2+QBilKtgj&1%s>Fy7?&QFZpUm~?g#@n)EL#s17bWNlVP zb;zd9)?!?tO&a>S5DZOe+d6{#p~nV-=cga^pl=jtrc{!JeBdt!7x&d~J!P=jZ8|_i z@1sU;>!(e^?#8|hK=Fpz@dCC|7;O@CLhisu1-sB)DsYR)I@Z)ngor&0L<$ypR25L~ zF;K#r{#QeE^ds2dwe@SLrWX25g0Ms$H7=<30$1~R1TY){Jm8vf#@7~sPb*5oO!h+T zZm;%?>GCGh`*OXK;GPqH*JT^E^xDdU)M#im0D?0swfSrQ-v@vWsLOEXmvl06zmc(`b0Lc$8t8*FWh z+XD)W9a7AIdZDzr)S}MsQcu zP^Exin*ipw0m!V;+#z09Yf_{w;sVR8?Z}AbE}cE&=r7ZrstC|vv7$8m&W_ZV9?&;? 
z{#Y*m16RS^?fYsgg1*KP5DD_!C3B*DRdzl_F~r9U6nBXQ+Pc*o8k_<#%IEcO>OglT z0^@UuQ>=-Ik`$LgO&9H+5=7%u?)47O*X;+6{T0(jm)xaqA92ch82Or6O|}zPjAxAy2lIYnD5BBP-gHgk7-DKBWGAy;QBj zys7nBfp`hv_w3!?r_$lG8u7WII~`&=Z~0s4@_A+v@gyK-XJJ8+~86rxDT_(K~}OjBCnCgf$H z9+LZJK824s9UX;S3qzdVkAMU<_k|QL>izyLEqy-1>qH8@VU3Tuwe7Xr+the1)X!7< zd24>2KRjG4*b^}(KXcxSA5#ovAeRG_|7$Ekg3_wYk(UNLr)28X45Cb$pibK?*=z_y zgERK!U!Rk%D6Q`nJreD0kA z328<0^5(pg=rpixESQj55`r)4_U04*Qqo3#-Ixiq`lCSnStF>|haUY~nUxp(YE!`X zHMn;E7@+daRgWQ-6+n%48ReQ_Gp8_PY>A`mQxc6RXY%B_Dn3&}ZS$^ARVut`^X#ui9>YP zIX2*EZHY8efW_ZxPX!PH_qd+$o{7T!uS3gm%fYx?TRzS4v7qNNcWAWf^o*qp847<} zOlc$|Z`0ibI+@qtyh(LYe_)DHh!TCD*%{wDTt!2I@;v^yncXsBcygT5c#Q)WPt@yc*5j+|n3+k8?&JkM2zj#DTjI znhqf+IUoY4ga=h50%Cig_EOOTKex zY8^&WC;@!eXlY`tLV(ApB)G5XDq0pu5iw77P>Hm>FpxgVrjp^LFR1L zy`N3A<;qE}MYT(Z%guWT+^K7U4WW418B=6pNv-Eh%{`GnuN&LOxOYa`}2lg*O&ow>wTJw|egQyRi5s9$jlB-Zmez!a<^ z1pvAeiM*Tuv)wh6Uy&-nSzL;TdPHv=p8G8{_4Ka7t))us)5$p(#et@TD3o4)bof|W z61Az%JG0TgJ89usm)QnG8PD}{>H%!JSetIRF1y|9oknE{DZ-E?Z z>6{Ao@tOwZ3U0=U{2EV|hAC0N>b#yjKIf=}5GvLr=7xZDjGvbg^_vYi(gB#q%~UUd zH+}G)8l6I!Xi4$Ld+c@Gouee{YIOX4QF{JfvEP0u6@jY=2PsCu% z*uR1L46!F}m3C(izy6GJ1NneGr3V%8`PJ@Wp&HTDPEIl3wf31uq8v>rFF#QhKTuYZiqpVop?rkfO=Uh3y%C)8f5?LU3g`wyAi^yGh7%vXaOrKDZy6qX`<_{N` z8zMsV_Ek-iF@iMqDbrE zhCf&?S0l z2rfPbVr8iZjT~t^%feMfrGu=lU-pk5Hm?`gj?9ZT`Q2IpVcGxO=dfHTqxEzYK(cfj z^*vf=U3c(<9ZJyWLabIfKG0r2M-g>BgHVD)gMBzss>g)8R`CGS>?fzPIo@YBsBolWYXDfj3^a2_(y5@PUw;JOb;i@-O8JBE7fG7Ng9i0 zf#yc;2VRMWS%kJmp4B^mGa+Itai3Uo_ZBZ*Zue;dngD*jkIB7e`5P^XC~r*5XG@47 zi~J8Lef0PP*pgo%gO{=VhILQVQ3p@-ik8wd_q-czABS5$9eO)~|MY$QZv_wo8{>cC z(AoY;$;vJ4Us1d#fir*m->PfwGkfh+XmoOE0JcU5o& z#1Pa_vk?;!!^;R-AuDt~7mHV{90I^G2d28*f`v@iEo2+Aa8NN_pEuTj0T() z_I`=f4@K0cR^@;z#)TIT)iTQFp40$k4aS}=`at&3s$O$wTzS%N$>@y`f;XsW7(wOf zAS23_@uyAIs-c?a{(#ehg5#*9-TNMdaAA1AWkHc^lq{^)ENe_CLh4{G7}YWdu|lD> zi>C-Y^m~g(E1aF84pulytdDRIN71br8wRfoc_5-eLW&p7lZKc(a`Mv+q+z*|_f{Nj zBU&_1^cU3_`vGHccP(UrcK^yvTNFtb_RQ9+n`oK{_7!)`oRp?n2lx5oyosX7Hv$lf 
zy>>pdmA7d1yIq5%BG8yuX9=DJMD+nC#az>wX-MlGJkp!e!UXB@Y!6nVPSa&B*5}W< z+MdMMO5Z)xY3Z(9^dDwoTCy8Btsp4qfG>Sx^$+P*U&@L-*_S|+} z62(}&>A%ACi)Z6=iic=Rv7q}ZG&VqjgZdIjW3=6bTE&JK`n7Ib_Apd3s7PwL0t1U~ zfe5sXzy?L3Ho-#-gZg1H%~J&slSqZys;iRn>{h$JUUC zXd@UIf`TIspug|ld#!W#Is2@&&nb(0;~!GFb?WT1_FnV)uC<@} z^n3l#8_)f3`BVPtLpNQ0*WZ2V#^#&9>SIs+m*da>_@jT|`~Up8_dWZI7v1_p&wKP; z9`RQnzW;y8uDj>IUiZTNJ1_X97ah56^D`fR`}OCX`+;wM+lk9Rbk9fL_xhtx`kN;n ze*HPkzrAStL+`lc|7$KYr5%fBCX!f8+nVYUk&-zVR;(zUVdQp8dM(f97siz2o*T-2G`!`RLkn z%ZH&G=+U!tfB0!X@xa$zd(}hE`oO(j{mz{m-uvdSD?fJK@Ba3WJm)Jv{B{5RYhU~D z7oT{*XXdwEf7bW>-~(QF_y7C{CocKydms3wA1hyb%P0Qz9q+yRDfj*Qhu`m&@4n{~ z9{$V=p1%FQhkW4SZ++s=e&`9G_{AIV^WDGonz!A4@-ff)%5(1hUH^35+wOPpeRp}| z*&n>_qn~}mKV(1s;}>4_r90pKvu}IwLoUATZvX4s-~HwnY+ir;hd=eSmw)2>UiIMv zPnrGuJziBj{?iZn(hJ}DL$~bv;4k0nx8D8EKYRTTAAj|+_n-IvkG*~S^|$=kWv_k9 z#o0@4y#3yy5mtFLQv!3yoPrl=Q&Cy5v z+#`PSS1)ML>y!XGK{n79E_P@LE`Op0Hp^N_H zO;@VWP>zx%4oUwqenKl0DN@{;@9{VkWi z>fR5|e&Sv87v1&pul}wF?%w}vKKID%XFhuD6_;+#p78vyc)_c``(c0ixuf6u4{s>H z^?%QQ>QC;x_QLnx{*Wt9Jo9~j^lNYYz513{oqX`MAA8pSdBz26>+gQ(kKXwHmtA|! z`;Y(b13!AFZ~OcY{OUiRwN+k!#rE?*`OAOzO^IKmL{Z z!|(jc=bhMn@lW3Vkl+8clS%%j8}I+E|MH-_{nZy=e&{)u{>{@r@Sfkf*X;ZM@zH;K z)!%>Nn=bmuJD+ydr{DDXqc7O`pHF+#r=RkId;i%-ZvIHqy#MvT^}6Ic@AucQ+8p`;YtHPu8FO zyI0@-+CTcz`!CGj_iwNNi%(^5{p)*u=ifCS`oO83mtVQ}&=+m)o_Nr2-2M+YfBpx) zaO*R^<1hd3$Ip7?PyXC%_TToR7ykH#&$!DUzvLHw@YYMN_`&!5*f0F2_dN5JKl_$T zzHpy!x#+b|t`0w^_}b6@!M=Cj2SM2{U;p8M8ZbI7raUPMFDR>ra&z^lwyj^i^71SG zV2*+J-}~9u{c`?24}8`uu6Wq5Uv}u#_x+nkeeEmHy~o4fcijzldB8h=^7Eg0@cSQq zm*=LxefO8{`{7T$;Z=Wp;B)_S?ww!r9l!ta&%GOC_RhZTYi|AUqkrjPkG;pmkNCq^ zKL3ITJoe?^f6k}RdD}-0eev9n?EA{U|K>OS=>u+h$TuFTpYz3YPW{F`zW$~M-sv?5 zKJg9vpZl|4JnPnb{K5r4^OC3Bdi!5|{9d=d(lvV)oTy`>#M%<{L7#AiHpDf ziqF2_kM8^8U;Ftde#4FXe*YUT{i(Yge(J49ZrHr_Wmi4%Wl#FOpM2b>pZ^zk{io-? 
z^m~5xo)4;Tef(EH`9J?zee$0_^~k;Yy5m3dKbrsgk)79l%a6}*xa~fF`hW-hTX~=N z7n|q2=3c*c+e5Cr;$81M_fwzw{9E!T{>t&gx4rf^zT&{g?)|P;pYt-XG#*}iAJ@Z49t^HU%C^&hy?4_)>ZkH6$OZ@%n7&-=w+P2T+rfBl@FfATkd)ssK* z{>OjaPd_<%{JFP(%jZ7&HMcyY{^T$2{8RQvS6uaoyS(+%|5JVB-p~7sD}M9$>kHm= z_Ir*Ne^S5d!P~RXyzI@}_kG1B&;Iu-Z~V>2zwO4SKlzFSfBx%F_^12*`p#Q7{@16H z8-C->zxRh{|J94$__VM3!`&}k@V{qY{I0+K{uh4z2Os&^-<|*X)&-B>`p07*`qcBD z`CtFr+rRpcn>!u+=o`QJ#uJw$&%XXGPtM=?Rj+x`zO&x=wLkX_-*M5aKKs%?`Lnyf z=2<7+@PTXp^hYnc=HS=gvib5`-gwJb5G^HaZm+uct7%Ky0ep+bv`-}dw0cg@#*$K#&*z~_JJ&mV>{QJ;9mFW>mgSG@UU+3&pg zJ)irxTdGf2pZ}X91MN?hWlEDpF6Sk;KY8;3uDs>s*2ZHtui4tTeCx=u&4+E@yne{= zcF`2;b)G(HZR6nf-saxc`W#Q~Y@OI!x3xn2ytTW1YUl9QF47W@+1WmP#n#@TjmKPa z>H5Z%TQ~3F-#z^1z00n!|1`03v9@vPHvV~HM=Y)#IIy_bhnw@HNaLvszT1#v~W-Ya7wYAhy zY>TZ2*IaqkBhUe3JPQ4ZEX$xUq3`4)ai8m*N$SY4C5VG-uIRAl?gm}U90%Ab6ZkuK zTAACF%tB_@Y|aXQ=iXv37d*J;t`l6d?dSL}_my2G292*txEroka;oefXw-oLz_PQkebN4MSFjy-c#ie^o>E2Shx0LQJrF%>1 z-eS9m4z9Vrp|#2#bLHMrxwlmAEtPwV?Myhh=6Vs<++_=Em7}O~-(ro(!8K<#)@t{b z+P$TAZ?R+D@re5t2S{G4-CJt+md1TcPUtCG2US2A}m!#yze-O1d&F0tbZ@jfTj_+NS-$$esx zV&?DZefExe^WXG77Aux3Cs>~FxIsmp@FYH_VHwhsI)P>dLF&Sj9*mTBn_}e}#L+h= zDQyyoS3>fYkbos5VF`&?LNW#jhkGAMSwdo#kenqXXbDMLLZX(CtR*CDNG!Yekhmoz zZwU!pLK2sd$R#9m2?j>oe7C&Lh_lAfF>lN35jSzGMbQ(rX-{(3290~ znv#&FB%~<`X-Yzxl8~k(q$vq$Nbha;Bs1x=_Qj*e?q%h^3l%zBzDNRXAQl9Z+-r71~iN>ZAVl%^!5DM@KcQks&KrX-~)Noh(_ znv#^JB&8`yX-ZO>l9Z+-r71~iN>ZAVl%^!5DM@KcQks&KrX-~)Noh(_nv#^JB&8`y zX-ZO>l9Z+-r71~iN>ZAVl%^!58A)kIQks#JW+bHnvs-dB&8WiX+~0-k(6d6 zr5Qnvt8Dk!)sU&@yMmJn2nIbQaQ^Sy@@4 z^yVa#PI_|^P0#jb?5wuls*{3@{Z)2Y*<)pwm3>x{(u|}uBPq>DN;8tujHEOpDa}Yq zGm_Gbq%nvs-d zB&8WiX+~0-k(6d6r5Qnvs-dB&8WiX+~0- zk(6d6r5Qnvs-dB&8WiX+~0-la%Hpr8!Ay zPEwkal;$L*IZ0_wQks*L<|L&#Noh_}nv;~~B&9h?X--m_la%Hpr8!AyPEwkal;$L* zIZ0_wQks*L=HzSUB%3)IwA@)SPkJ*ForUz~R#uiMy#;NWliq^1&XeApq%59VX3Xh6{w2M!Li7A&!MaO?GLjSoSja87wDoA4$q_K*?uP8|8c~mXi zuP8{-(Aki>@y~|*ih}s4An(5*ja4{}<)2lcZwsrvmU&jB?uaT6p2NP8Egy$h$keJV)bdsJ9WzDz1e#S;~z=sQ%n 
z1Ybcmq#zqokPRuwh7@E&3bG-EvmrjUWSu-}tvy*LwPaw3S~4>}wPeW(vSbBWvVts` zyTlfGT(V>ZS+asGS>Y_1Pc_*}k7{exmPs|4L86+Bp-(m0(}L`2LH4vDds;Yq>QhA) z*`vzZ)+JKq?#|)@30<1yS4ax7>IGT#f~9otF*!^856Ihb*D=7{sNz<1Uhm;hDlw?CnvLPkekkZ)@pL(*H9*8Y)S{mo6IesUYL(QDN=LGN~ZdPE?SB_o*ODR+1$v$&!^6la*vLOEQ)v#bhN} zfYQZeKGkF^J*ureSt8XmuZ3!36@_g+)npP&GKM8Zh9y~mk|M*BY)DBqq$C?sIve6s zO}27Db!DT(Wl~Kl-<@?uir=HUqWH8T8&Z)CsmO*@lnSYw4e_X}DAM()v-V_})R8SD z>L{G^sUu5PQAk^nC9BAiRg}xBoQd_RBb(?^XSMG#sUw3!)KTKer;bA0iY!@0mdrJ1 zqQp;@tRhQRIZNhKNjW-?N^8}YNhKw^h{{Fy!&NV8DO#(@o>pW}D~b#&vZoc<(~9hA zMfS9E_SC0(5k!+6t*pDSOsdK35!Gb;{IjLJUPbn_B70hqJ*~)|R%A~d+WeqTCB>TF z*;?DWOe)C?5|xx1^r<8VqN40#Mb@#RptExJ)TfGKOOGmRl$S{rnK`105|BPsWbG=- zaaLqcE3&5*+0%;bse{5nUdf(T&Yt>IFI)}gSZlOPOf$F9NJaLv zB70gnd+JlQa6OnRYg?B{RZW45qpBuj=u<_JVNLnonjD9k^1YZ7XQ=h5BEMk4p|!QG z%cP3zJW)kqo<~(pR=uXkuy$^OM@3D3fJcS3h|8pcj5AR|QLs-1S@oK%dhM*bPX$G^ z9u?MQSSl4RSw>WZb>W(9a82=PO;)`Q>SXo8!6A96mt7~TDad7N9BuxYkke9=yHZn> zTsxcVpG{ErsI7%x=GjoFP1KMl;!{JuMNPg%O}<6#d<&l%@=82Tv#!iCsUg>Zs9B^| z*^{a%g09K8sL8jeop0e&vq+yXr&&K^nbeTCK-5s=?Vk-fO*LfSA0Th!!R z)Z|;#UbSqK62qfFHB;TSY-=Zepq9)&>Cf}l_SiL6S zqNZ5ACMTvQ_ob$!K<#X@zZ;bA_Bh*G_$BT}Lq^x_Mnk68=LL$@aoeEvJ!*1KYKqls zvdJ~Y>NQ#QCdl_LT#dgjADlhS0QL9_uWve-Z-o1Q$zlM zM~$_u%cQ1LrES70Z9{HBLk>YhNr{H6VndO2L-w=@s<;jL2_BWpuHrUi4(ZIuDEenc z8Tf`$5e?bX#@SQ<%oeT$*~7-#)@7bqC-dGc!r@jYl2vcWsyCE+Xo3uUL;iqwHp|Yy zH=PW8vj~G*YRIZLWYrt8>J3@-hOBx+R=pvs-jG#qf((2UWZ;`+XW-Gv<7}&AN&Kg4 zitu@otZzd(gNE#SLw3C(yWWspZ^*9W$^>h*8?x(ow@pI$OuX=+h>7u#iQSjT#pq#j z{t55EB0S}j$47Dh5?Ocr;)uf^oL`F9xD*Tiz)evU@#B|%J_7&DExKTMJY^PHD&-XI zG38_zy|c$hF?nR^(dxzIk*&us4m6EFIHK?e?)xGa0>5zQ7g%=W{*Fx zy!&VVHd%YU)NLZu!rQc{c`g`)ve%%2`GTx2TH%;4C>q5t)Oa)}qm5s9*+4W8hI~Qp zf={Qlrc0%>6Ah!cF;JcObS95XA%0=zF)>{PBw=uR|4?cb^rlrCcg2lC5p2 za;MNaG&0lZxn}^ z3TA}gz;1@?JYMDzanCYSwXke0<0b4cEc%|wH$h{xC9gvjIUN33+3sZD z&Ward*LrQbx7lGx*kPa^=q`CJ54VSAeTSuzM|PdbBkSHFkCFs9GcxOKLw4Jd-L_;W zF4FGM834cWCPVsC>7+Q5=_Cu@p_9Fqwm-aW5Kq`^XXIo^bzpXLBk3g_0nX({`^@ 
z`+A3}MdF|pjb#_yL57o0W*LftJ5*78i)YE?w7vAyOy8kukw9pvvcAYt&#G%kxtG2} z6&d`bZR~G5``gz3wzt1+?r*#M+xGspzrStpZ#(?k7XP-#pPKwT`?c`Qc)wiB|1$TB zhXD{5@Js-Izj)pN#>kMZ=7|INh4_MJ4&WDxa(L=MLSqMf%6XyzR%t0;Hp~si%*Ay~ zc~}a^r!#qE?C}ee7nH^EcW!%ps+L_Chh^?~|2(~*bDkXBbAvawf|M2yL%=UiIpBRk zjLHL1d^&CBVX1sehJjCSQ7LY{F`mo-8kjr|?rAtfhbI?hgqA0*#au2`9i7ax9y+JT zwweb;zz1XUT!x`T)uOD>QnhS&JAA_~Rg@R#P(}FwJWF8!&#k~OOrFaybjVwza$54N zC$!WU^!1F-(^aktxenv$S1o`C6W|VWs zFIFdas3Lc&LzS^+OQniTKA$j^7JSj=c{Rvb@aegdM2DC#n0E7PmP!m6cqWGO0v%!q z5`e4=%O2Tz{KDiphoMWJ(^39eS>Iu)&_{Eafr79G; zWp^8345pJFIwBtF)TN5TS)K!he`Lw)5EJwm;3;DxmU%=xSc-`u@53jCXHwzo$SI?# zR6a30$O`|E`OVF!S}rl2z>kMqb%-If28NhYK*S@m@QWp{L)D_|qNU0@FiWM1JS;vU zf%weSCXaJ1;m9sLw$zj9x>r25twR;NPCWAs6*`K_XzE*sDssK>hW4zM?mF?*I6f=NkaVbG*NG?4 zq1;GO8PA}@FZT30@E+P=jHgnfm`xcG8oK8n z5zQC$)wdhkw^U*%Q^Uk8e1!!uT&5~G;ls1`P@)g&I5cmtLzT__ESDe}70I^VDk6WRPAJ;i6 z^8b9QmY#LuVSs#AqRZ~(8&2=@)kJMg@94j z4e%niPA==zIV%G3`e$XmsHGA^J`WQ^Nu$nLF&dZ09Re%G*2$rJJ5*7v&8NzGQOl*O z6I{?FLw`&lXrMwajXmtpKxsCg2AhCdDh*xi5YI2{oD5~qfLUYp&1hU2f7qdl{6CK> zHw z3)d3kT<^}wu>ZybG;v8&5PtK}%?>d}{V$am^4yphLJ4(<;i_TD{#(f~Bbuby5uRW? 
z2QH>sx_+a2AyYNr$nj85T$e@u8;$jZ`VRd!9trB7)zba9k_v!K)dDEIkRtZq!s(tM zt7X(ytyvdvsr*KM8q+{|st&(#HxArJh-Us3GDBR}y==vyqxs_h9|XKb02(=<-LxwIN6 zz43%oTt!E+#{)a@3q`&>{1d-W+L_0H;upur_=Dw(&fycV$~$~FS#-Hu(DCAVlBdt) z6&LI(F4*xLQ1nGu@_eeQMaqp2){O;SDpgc+BbMgLo*k;VU{^8LsdDZ|hnPjmZ9&Yk z?OsKBBPNEtj}9^1$V9VAae1vP*ma0mlr39gY#wW=C(||JJb$x847psm-H`%&o>7Wl zNVV{kQv5C);Zw20P_e_nlS1)KptPz5x~$#7r8^8f z29w!g0GU%!Zy1_*SZPs5H-2HIMScfUC>}2aYBUKv2o${y1j9G zcYWiL$Byi-A6la=cf8BFZBi}neoWk@Oc9d1vkUiNP<4V6`vv_y=b8)RZq8>GbXEm< zEd^O&j`TV7bhGX;Kc9}hq+=_|#Iv1aJzkNXtVr#!3^8jlBUEJ2EAl4Xv`%yTv7^2w zdflu={7zC{lW^9QcC3k?YH~2#+%Q~jOjf8N)!vX+Y$$$dNU^w?I(VMwa`Rar^KMLu z`2(A=IfEMJEc|npjyZF+Yj-#QiYt4ryBfbNu0rP8OMCyXYX>#Yu-vs**S2@h@@22+ zA|j=h(iWk8g@566JKz0@E&|eteA_10xp;GL^Z52PtZv*kZCtXoySKaUDBHMvYj5)i9$SYdbIUE%micer_CNgQz00oH z+uYk)+xYIsT)v(hIKVpE9Gm~-Lr?#>U?E_VL}>v8}zM zv+bR0HclQny0LTgFm4G-?!Sv=j%}aVmtJ7pgey*6y$2n;@u*`bu3vni*g#F-LytQdX6Bwz=o4(iI>M$Iy0%7t z)=f9vG{af$+d6V=Z+pic@39j{x9$1r-)2rq{5GhS8Itq3fMzy_jN^*K8Eg+yaWm-t z(H|%99j@_|_snKy#qXj$OUjvPpT%f^8T=_+mou9;U*^y9guvdk-C;2ISw&gnbMRSN zHG}0uxoHL&`||FV@j=Di!tK>YrT`wC84Ha|nvF66*lt!g*?;7_u0DLSs+BV|+EVf+f8KAQcPB4sa#r0HN{L;0p$%hiMg;$XGmU&WL3giHZl}B zgUF(#n5@WBrL@!tlZlET9E*Ixga!QFV#sDX_fK3)*BOopX)PuzvXsOa0iu483CVHd z(-IvgN0y|YZ2TQNE%wozCX{_Nx0J{js>(np3v0cOSk5_KWi>o zv=pC~=;KAmQUe1fYo5s)6m{5)$EW>A#F|moE7+JIwlO+Z!ZYjy~+a$iY6rWa6 z&de1?BwK(x&QQA)PfOCeHUlZHMW;neFdW}H8hRlw&}REA`?f(plg z%HXA#tjJO#S))`&mLXzXkdZ$fBi~tjJO#S!ybSPm2WuzQW>_$EN&s47A?hOMV1oDQdNdaAY)1va(8K)yTddo z_!EG3a;aWCQylHJO(1Vzu3?N*kf_BmK=w`7%)$_N^+hM16+ zVzMGjNlMp(Q=(*{?wtZ?OThwQD=3pch}B{ixDf*T1;4EElEqcJ8i_Zn6NZQ5^q5m^#5Ge9krzC!@F)e z0!@U`T1;4EElJe_$EtA$IUJ1cBg-tK`>exJi+pceY{Xq8!U##ogo#K(x0Xzpt~{J= z1`HR8yv2zn2@-iSD~ejtf_P(u(OOJcWG%_EBovW7TT8jzO*Q!OWXc6M# zT6|(|tplV$7fX*)DC`D9FBdSB&Kq4;Y*n-z0wur4I zvxVyXl1)LsB>)>OT&PM@;45XqM4O_c5s5HbiwTRYB{GtZF{Be?;2)ouh?lkotP$0r z?dpr17_Y^IMb?rD(~Eh|Shg@j$BGf?Un3ez+jtWr47wI)$3>giS~6j(j^Ps{@E@I6 z1ZUWY#?m%P#R!`OG;CzT)VP^s43h#TAPpPQfZ5K+7-5s3h6-W2@*q}ZtRb;t1OPY} 
zRn?aPZ8#Twj$i^v$FFB*BoH7oqYeVZwafyz5zSeed3B1B(T$`(%GhEuX`>VfV-D%m zbj%?la*;GOekRf;p$?Hm5f>Y!LMGu3aSN)rn(71-X_JtL8fmH$ahW5`h_cYb7KN3zW8=*#~p%9U{ z5f>YyM%peWr$!<;L}XLM)kdfhUW_zkbTOH>7gv$*vVTNDy}pi=>TEBfJ=s7F$g85A4JO(eq)_CSelM6DW~(=23~bh+16C zi_XLFn@O95OGIu;Ty2aRnS@N#NE@X_7@J6HLlu;$mae2!jS$ z)^yMyuKN{N8=*#cF_yL1VlruC)QE8t#$yz5=dVcG2sOfs5or;WqIPOyypg;@->Cs% zIBx`_@sZjTAv3soS0YV^Dmq7t7h}>QizT8F)v=1CMi_%h44LZ~Ok77Rk~Tt(@M26_ zY%x(o>Uc#aZ4%@Ya6^%_5o(0-rA(R*`a}X&Tx^sYnFRX;+ls4=Q6rOppST5ATx^sY zVd$q*{t@UW2Cs;#jZq_$z@Hjvx*Bo05$;=OS<^9@xTsYkO@}X%8kqzDRY=qEi!5uC zAfUL#R3vST8kqzF#Uvhau`%8VV>9{GbZjQBA{AE~p+t?+NtSkgh-o&7sVVy zk+czNgu$synhqG%NE@R@7{$q_rlUA9kWnOUgc{++n6%hpl3h#fY-~}m$z-RKFr%0( zDUqh*9Z8K$0*&InNpZ1JYGe{>6jut0tBp}3lVGD7X`|E#VL6#0bu1^Qe~P4yQ6rOp zqZ(zj2|0@E21U}wsF6v~QH?ZRjX2U6&q;PIg6G79R*|$3YJ?XfH4mZxeFt>BhXIVyeE>T8Z#no5{^_OO|@lw zXbdE^hZez+VgR{FnW}DxvPnQvg)$ui$%n>BQaZHAAW5+~H`OtaMA{@MDen7|_ECpG z626U~q%FQJf+a0Qm8H*JB+@2Mu9QhrJ!0lZ#*#XpAO`O&MR&*Evm(Z5MB1e3mD;K4 zTEw|KJouYJi^xz(OzRhUWQ-P>h9xaUKSCeC$g(yKOInIn&E8oMJGE(8QkgUz0?DLJ znq!Hp!=zKwF_6TN)3BtaXhZcuj6@m_m?Sp~vrn{Hmbf-SByEH*!i$kF5?f3mO;;l> zAY^zakro*;iF+SJ(ndHVycm%dT};%F`aniLwMjEAachT2+6Xl=5lbr0Oi1;ij7-`z zENLYwEgb{tWNjjrv=S|i4uNFSCe60Q%_`EV>9ZM$G+K-qGJ++oL`$O&XC#vi#Fv|I z=}dN^51qulE+T1T)X1a>m&j*`i;Yqv)3BuCM1#~`UKX)yXnwW>HTl%^DVK>j(je7` zG%`a@!;;pb($eQN5<^bIk}9O>F^yCH4DV#+AAxt)qK33rltoUB7voclEhbtT9Rf+G zX0~$zmQ)H~50M79{0=q9 zF}#x)GKM9sMdd$gZsVlkp@~A89@LPmO~aCkV;j;@vl}N35Y6lrLycm)o6 zsL@oMACck`IfX~))TUucMba{RbFHYem?0TUN~Gyn(o`I>kj=-akx5um40jbyEyD~p zWgm$&hIb+jXDWxd=~x>%iu*Uk)kdfhUW^$swwO%X7&XH1P9iM=?@Yx>1lg!*kCO(E zrs6~gchz)^AsODur0MX^R2&X~Il3B;I9cPx=+q*>RgJVUYJ}mPOqvewOvND!xMFk! zX_JPJDx~QUNR~C8KI&u*DQ9i^C_tQ&tc{xaNQ?2Q#TJviy3D`pImB^LinYa(x)f`w z&jd}yAq&~4sgIMeq}r*CQX`YFq^UR@z}+1$N;b*bBrK^$n(mDdZhI1z6cbBDh8&|t zCSgf6(nhI~Nmx=`{3nt&MvY9ulBVLYicE(3eA2Z>>HCqrT)SkhFS zACc)JK8dtR!$>vKJT($xNi%=kW{4$4{Gpw~bS$ZqQOA({_(Cv%6{=hbA_r6rE394? 
zL$fg-df|l|S8QB$@H^Mc|2zNMy}gtBH#Wpu?Nj;U@hnrhki?ncog~f?cxNh3-@q-O z+9o*0;KfLsql<~+oT;HTIXn#Sq#Q*AOPY$)H?lEPAbBw+O~;a^;`EIya^bW~nlZkU zNz=iksW>$v8#M=#fU8VeWHE&_)tC`OwqR01xan7)V{o}-I&~DJV@O_%NQ)p>Q*nw3 zx^gw{XVMr^*CQZe`BH5@bs3)OGHPTd{m^3603neuYL6f36Lu5$RDJF)TgeFbJDJGc?f@IPr zO(spn!6KQCf+W%=p-C0ebPyzyHVI9dW>R%B(@~H_+9Wh7`d1_tDMqOgMw61P>61xQ zaj*!=6Pi9I(k7uvHPXhY5e9fNyje$+rs80cOh-XF(s(hpYq7;dBU+46BMk5)H4*`M zrs80cOh-WyX>=7kkrrJ{CQbK7oTJ46PbN*jwj6mViT!mHB#}1hj`UO<2b1X_Nb*J) z;7JS_xg|Xn2a9An3X({hbWeIJ4rnpgg({)7i*|WdC`Y@I$)u?`SR@;DP4y%+sYco; zH8KfJnu>!(P%hRsl1^|4D^i&)y zlIbW&I<-k?QiZf}gCHl}oR0fJq>a>3kdCxzXwp=iVuJg4HSTw6#4KsSqyWIwxVJ*R zI~_F#k+2cI2(Lv}ExMQ(8tM>8QvD3?bgih7v7{IaB2qR&hwxfVnT}i4j!f4fPS9E? zsqNQ{AW2hk@&<518h;QoPC}BV;sldS2SD@ntn-qDo&@!^sB6iv`Iix z+_WxD=>O@V4cBW#pa#oK~ zB9ms4recRVpo|*xJB!B1PTcuwESe7NOvRROyhdBgaU-wAdOx<9m^jeEkE9(L*y$`< z1lO609p9OLtu;|L>2`YM$aL%@$rwWaKaWPee zFlC^~URCcX(@~wN*j}6K&__BmT8nf@WcDfgs07NO=`@AK>^KcVDt5e@>t~~WNHz&V zs*$GqA)ER7D14TU7`7WL@2{+@u9^QlN46210RVU8PrLNKZ5BL`-b!R2rq=! 
zV#;ER$&`)pLRtW+J+l~oRO|`Ofvb&jBd7a~^jUYP3#xeASX&XtT zO@oh$4S2bJ+conek0N#a7(tJU9Y}dHMu$v8kBXgKxqjU>^CP22ori_ei*|o~Dz@q5 z`i0kYXw%T6V!KnWUwF-=F?y6p(}7I_fb;#iuIQfj*r9dd|1k0(LUPR1_)N z1!iAdZIl{e_$bk)Un~!UE3T${B1GFH{HR8ou1B0J!jMj9up@|0z`sS(bT#5gMSCT}`xUI{1-kV-%@7x5!M=Ohl39kr9y2%9N8}r0BB{cT%-!OxvWP zq?w4d%=0n2gh8u(Zu$sRv_6QmsUbGg#yC4i8iXInnCsqHLX=5lU(Uw-Td85!K>d8X&kD0bfSW=C)QM!b&q(qyJCCx-sVyu}lPaX?C`gtyhLbwd^l_n?h)c|M6eNq< zq~W9*X==ufN#o(9jx_zAd-NSir>3JInY2l8QjIiKix6py@O0_HLLV2JiO|Gc$3YTl zycnyI*lMC0fl5+pY)l&CN$sgcAfD)Q5>IVRY-3XL2E0n7MOPDbzm9}t(h$?wi|!q1 zI>r+%RU&C))W|eMX(r+>a~%rFq!G%~F=PZ$nu)l}T!%t3Lr#K}YNV-Z#93^LfR-T z!jMuYYC576eQ+XaqqN8*NU6q;W1JBl7fPq5BT6&zzO!71Lb9k$f|M$x>0n6KB2yrx znRu;Lu7e?&v`Ls!G!#laqN5?57Ga#{C`>6j{KU1!WLkMK7BwAIs!^tD5u%K6o{q8z zrZf|gxw(#oq%&gxD^V6(O@vd!(2sCMT2QG~BAJdUMT4JsXk(NJFUF+BRujFfW{eVP zCzCqT^ueTP@DoWJL;$tF{L)bj$ldwrWGhFbTB0I5do4pEOeCI zst^H%j;C{4rQsU8{)5 zx)1Eg+JbGKnMDWoB;;Zfgh*AfMSrKgFaTqfI2$FeHM9E zjwK?Vm58$}{MlFo2jxRKh7QVekR@Ghd;CMnvBFZBXTbl~KEKLq5qq{PUqeUPXxp`Vf?iBhJg$Y{v(ACH; z6m4Y0g_7M}y)4ZlMx9M8Vv#;7<}#TcneJC5WQ8Rxb| z`f(BwZ&>(s=>hHG&(s;v9<{3JrfUyz2zR01T(>gqq0e|hRcMBSOxrjPaBmU2v>ngzyUf~pd$l6ZdSTPFj6-!AryzlsLLpJ4!&JWA8cvI9#r#s_03YgA zuhZZ|Fa{VKhHHBQT)L~&djjNH|Al@>8pc=|ho-eFfW~34Ys9X|gWOBK zHinzC0CYm94^oTBVqi*)F*C8=OHtLAeswI=howK;Bjm$UA0u%Zd?=M(Oa1PwRq`EUc~O>BEq;91#jK@5r1&)DRtk`@xxoj^C9p<05V(~I-`05KY79N`^bfZ?lmj`FK+`_D# z%`lBm>L`-0D=YmXS-4n|HmGs%IGzOaOA$|_Yjg&#lNL)vhL%+Xx!0QpEyj`MRc3pEqGvfpz5x5V&>7=&VSsNWKQ5)aOkQ z_Zzk}bEHU(pw=}@$;PA}-c6 zyBe!$ies-zy;x15C!-fhkDvnz4dSAQrD!d^2JJ{=2aDY~-NRCpmR^D;!REPuPOxKR z0maToQw-GlqZ%9&^e_#5BU2N*pjb?4mVPCAK(K)%EY|tTU``E3hQ5inpOk)GJ6w$S zk=!}j$A~v4X1z-krIdXn2Z8g@PfjF7lm#r9P#ASEKnVyjsMY6DOXO`b|x2JE;eep-uV? 
z8geGO1WH9=dlTVe&o#b^!9f9S1 zsT^tPcZ%4RkU~Yf9Y!%)sX`h=ot`FIPrZrO=_D>s*_9&YDRCrLsY3}Ewa?zBtKa~u zSSl49ah69p0!_ea8d89ImPWid6GJJZyvj<6q*vETazw171ME?87Q-Q#krJ6@nVd0^ z%tz%T142DfbxQfonz5e;4;)zAI&ozC>g(1jy`|EL$rL>yPV1`1paPb!C#n$;0xq6A zmWb5O#W7ozjta0_J&F0mfU43F0gn0T-ULTe1a~Xuv`}}^1j>XrFk@|+2_q{_h6@l& znbAd$3yU&_p5XHK6rI(WJN?dkw z>=&sziL<*Zy^L&E;wgDf%SJ}>i2-)ymyiW7hx5cFQpo3GwyK0N5C`C(aH_Jo-_$z5 z=3`38lk~Z0cl4_8%Gg{lA5Ujg#Iadbq-^Z8EGH;14AkVX z^sqzLvU=6nQpH)T1koYTUXiSom}RW=lCfKgFF2v4jDnKOO5zMF`1Yz$`32qqq0%df zj;E#wl{k>9(yNGWr4`r?z24|Pi*1KHsYo;>&aJBSYNK6>%LQaS(6WK?LXx5t2Rl`I zr7=SQh2jMpDp#?M7^+OXG_KMsjh3uQZl*XLtJ2GiZlx(fqByOp(o2lEbItXSr2yok zz>fJnO$_EITSdLXXsKd1(`9HQZl*Xps`AT=18!!g9vH?`V>(!;s0wkSRyC%yxB^w7 z*C7c9#21)g;;iYWj3^5+n_lVFMW-wpKv+=!pnhQ;C?@6@t4L+h4H7Q-1^|lf@(7D$cYm0neJ+Jf-ax$=vE118w7UUd(3Ru|<_?^azI_l+n#vZq8* zLBv%OhrCrIDvxbB%rQlz9wtsKsw%abNPRk-dUkPD1R$7-S?+2?L6KV`XbU4f5v3TK zkEkeev`9-u!bS1A>}o_wk^M5ti|FY;@fPq(FDa6@$*`{+(ujO(1okD*hphaX;()&J z%YXy=Lhn(Xt}nzPI+fm^x-xw+qWs8MC1!TLd?d~?tVYxyTe$*62`*zquEaadE4`*j zh+=NS%o@z@D5Fi7wFFhF{JP=*3;M;t0TvulfSTkmRZ>;5_6tyWalmaoru?-0u&N$WtKwvZJE%xlC93n35lwV*PI4FIRr{nWU2PHKj)??Zo zS8z~c3R_d+-&(5Q)*}jAlb{>oJg(ZWRSmF&Utk(w3BRTx=$J`Lww8j@+AohtE3JSf z^iDY|6KzoHfLD5VV=bX!YrRX(uEYcWotB8)CQwU5bZfsuZipqkh;@J^^peJDXbI8o zj;Lp>AWLR0du`p8kW={{5^7vXaATesXsS0ZppYP-?rXgO;@HA=;k6ZDw2Ia;C_wB$ zt^M-H09$lw7C})0D{8wkoh=$^Fi<_F{ILQ}F``z&9pz-@^*TW#1#Pun{;*rkV>aAM z5$McFGGQT*Vny0mjCyC4<3W2lTN^X#t%}K9bTRb4sx#|2jp(dm zes?M(GDjtui#~>4*}|2mW(p*a#mnhdBg4Y->^L#=(~Kx?O{#Av;w@T@U$6@0xbdq@ zp&U13+N&nXv3T26Gooc`1#;Ys=&xdThO9AWp5;X@*^xxNLaG^2-{LUKEfoo~Py-hX zNuw9IC{ExD7G0bWxnNO@6PgiKE6#iqS$flAl1O&H@yk}B(hVBN>?phlq*qqDO{WSL zge8qX9d$so#+0t6iI(IxG-Jw9%TJaxe(fqeEo-zK_O)$sE-(~Q6D=u+(fD<+aH$3z zCkE|`OIR@Z*D+xv1j$w>vbRAgvI zBF^Dz{MzFHSNH|P0j?NPqngGQ;ux<+FH)_HD@N3_CZQ`6aSB)C7qmjTKpzxJTCF99 zN;EU1BexgJzI3NN7KW+%aKL6vNo$gWCeHk7MwF>mkpa?6T8>>OIcVb0uSTzE@o;?_ z<(0Yu~VPD?&eo4j-fcG{_Wtfr26!{2*g)=)>`?>!Y4 zeywu?Cb>c4L_e(M-8wC;wfvL>zAK)q<1_)ODcrJ*i$X*-CC(beT5A4-^i-QBaOK!Y 
znn2c5_*#`2?eR{_6NtkNv6jb*;qjghmPnRptmZLxxSFGk?gJc`2^O!h!&>o1LPl?r z`Vc)l>r2TO<6tedl@NdLnVunm9#a#WCeV@<1gtF1T`O=q@Leh=THavu?9MAPd`7-X z0BfmyNS8kpxMJ1}-loeR3OJ@kCF&13?}z2$tT-*jBMyl=hf~h0+;0+0>VUVVpJtNF`f~%R7t&PF<5~;?B<>Ho) z`y3oYM*18Qan2&vid!=VO1o{00HqUg(jwLxW6c;W&ETR8kR!RPN8^wY^-r$U5@~v& zHW8;S0$Zx;5aJM?UO*fYxk6e_oMAanjf9~l{@#=OA+329`i^BO&{}^h!Z72na7Et8m6mlxl@!b z42z5}(hQnkF%6e4#$RMah9GeNs;@W0m&ro5& z%ya~inDiiqXW}$VET$VY+Yiy&GnbW!bpL4Es8^^h@3TE~+ZegjIT7by0(hF!MA6BTkRRx5n9PB?d;n!p_ANbVG20bP`xGq8Jl#03e#9&mc!7@iF3^_*yGCFF3#P@0yg!5r;&g!!XXX ze1(g1ZX!3hB;uGztmWy>0p5UeUC=$m8zYKd6J=RUk)z3O@hy@*T?KFW1v25grj<0s zsVzz37u$rjreUAOiH}&z_J?2a;Aui5s|`&2(ZIisy=ktX3i9m;~PsArLyGv#jzny^s8AzoT!&h zPQ&96XF@_r-9b6guh&QtGRcC8^CqzeDkq*^EkcY{k`d!AxfbF09(OZqS5Bd5Ci*8M zW>%WP3;?|GrExIP$}lhtyqDLC*k-@#HN^FL-Q;w*UY5`iMU$22U%kNM_JFwF`BIVj zz=<56149$l_0xQMaZV$;zC7C;N;3^TDe`<~+KKZtHFNU|WN2#zBqolwz;YfdhRfM) zEGE^&#NkC)%X2xywai@r=*r^$5V}7pGJZQzyd1s2Vo953p~d+{aNfMgd4M#`HHFM_ zatc~w282$mC?;nUfs=?bBqyiH`OtGyNh1c@04`{2nejVl{O5}t=z5RHMGi_10)wTr zkT`G>q^WAeVY%CQ z!j0RFTy&l&!OMs$8V9!Ipwjahb_ z=6Z{RClQsYO60U$Z?V-8t9d$P$o1}2v%-o*GGfl?v>;F%UWspwTd9>eA!Dj&Q(SKZ zR-)55rZPrA2&xE2kPxXjf-*q?VWFyqn4?q98eonyeJ@)o&XvTss;bV4=t`JlOc||Z z4qL*HxTvW(g%X>fYDMSlOymyPCGd-5L)_ulvxefA5nX(fR7Wa~drT6&jc;|_F{X|- zkvrt%yIx2$qcw4NB;CiF;~qGqI${t)C0#Y5Jhlki9d<>J+taxmxBF8x2Rv^VRFu^3 z%a^k1{k}^16j9| z2W$*%WmHh7*%)yWBnEq_apcNu49sG54<#>jj}=2TY}azFNjY6+9_dU<#cpq`<(2G(wYdL}CSmLS zf2lb6Fo6<_?jc9*PMjm<=u~b?f)ZP-H6YH=1m53=0R^^f@%O^MOcZA^<&7D2EO+-xe2 z|HHSA;KNn$hF>U^K?ea9eAx^!+S{@$`@rGZB9O4bV=d#F;z~45D)-W!hCY;sQl(>xVyoc85d}1E z!Y5m)U)P+V89IAn2}^ObVv_1LF{{)VujrcnBRxov5mDLu1+gIo?ANe{9Dxz#l4*{BJY_1? 
z%O$IG1oXO!!50B{&GlJWc>^Yl)MqofKAZY&W1;UwV^S45375+p%8r}xd2E?}A7>_a?q>Q>Onb=eRnfqZh*u@g_R9Q`m?3E?kb@`UO^)WA;%LALKq1sw8cC>Y(R}< zekp4}jbtP0Cezf2JoYRbQ8!sdT$}kdmXJLx=X1`(aef)ec_^&t*K35eI0rluEFcd^ z%l!VpA?EP=^oE#YMB!v2bBM`t1W|WL*DCXiEa8FW(6>k_w|xaDmzX!Dj$cAvrABh=xMGQn0{%*CXPxp_|sW@$hu4}{Jz0KHz1%!8J1A;P(-L4+AH2{)x}6?8oh zu~tF3GM?#`Hxx%_;EoCxE+9QlPK!JwaSH#U1Ai{xet>;YQ+$YcvCZv=VT38bNb-ld z3lQX)7@1#u8`6b-!E8tuj_DShR4kR}`(Zqk#*ZuWw==!3(6B60sg)V%iBgIQ+$;21 zp&L;g^CklyGQCje*p{aZrI-hZ`75z8Lvp$q3T3h5L)_t)%!at*Om`Nh@`yyVvMs(f z)cdRB4!yGw!L_+hjoZ}d$RcfOxM)JOM}D<#=*avE+t88u6(4CErwO!dJ4f`Lt;F-y zd(@2bg;=rg3!XGr<3yZaWtbu?w8ps<(Y9efAFP{xDq+j|uGYlzqQfGb>leE?f5}BFbJSBV=vm-f~5q3mYM${nw zT)}WL;t!6-fZ;R^n-S%(jdGqLdkkRCwfxs+oToUbq%Ijp3oMx7kIEJjTaGvx~9@ z&$ z49T=#NE?!Ae`;WO=uXb2$+TG1LuPyNtCX&Tdlw9lLS*eO*XQNe6}&nT1{(5b4~n#|#`; zKB6UNT9#WbvgIRMVpeltD$|lkbA^mVI#MB1L>l)t=tt&PWQLAx#L&NKM<$nHF$!bx zt#=?Toa@~-q!!r~CbbxGg%!1!kEjJPAd||&`ZZHIIVw66`Np4@rJ5_<;0`nyITVIAaaZDzElDjA;L~}hm@3?*i?qVLv?imN$5u2dx#E<{=MB%SRMySbLCliD?gc_+dVxQp1othE(W~ zJI$x^%P&KIj$bbs;`$LyGSj$T20tPL7(MZoaDAkq2E!s3-#xU4XS|_Co)Mk<8GcDi zt-?a<4K>cCVrLQe?wMP&BHp4>mdo{)nhdvc73f{aknYab>GHx{hnga*Ct5MTsb)yV zI*l-4qYFM{!9UWOP4eKBZ`E`1tMlMSWbdacMcJp))AyLzW=F!(Og5^@MIC%G-Iqr) z_<1CQpP%szzC3F?zk_D*A)T6xkp7_iwON1YSJP?w!%yLd5@|FC&V+G~Ih^n&3VT#! 
z(k}>vt67<3SUfod5oLvr7ExLGy){G1%5R1lGG=;a-YJl2%1U+t^|buzl+}otW$h(X z4ip<3A1O~b&pX9{fw;x*oEbQaW3`VHC#L_iF4u4HyaS=BGQ}zo2u#6(-3EQTzTQAhx2DzG9)LdV190X@W4jY$0i+^JiZ>~&FIFg#J2dOnuG)6 zOpc4yBZ-_$o^xN+UNk1GWm>5*c?v`O?1d75YM~ib_Htw>MByj-hnT}p%nvb#pVt*W zcADcM50o$b9I>?4D#8|jxYE!b`pEjBJsgwQohD$iarV=?cceY^)5*ejl{5^Can%?F zS1a>}LB{e-0|T!6HYpuq$4BvAO+i3cWT70MBL-IW}ep8^*4 zfN?S`VUhW7@^t~FpHCJR4%l^N3Mb~=h}_{1+!+#QA5uTW9e!e0_}GcuAzJ6s z2W3lZt-!-6eK5H2U5w791B;<^<%iJ*$U5wPC1B*?llka#a{q(QEwVc^z z?$EE(#wbvcJ36`K0q*dz*+bkhCjUE)J7nWNBB#3&an=X0IPM_WAah3qHYnfnP>x9d zw$|C{j+k|puX!jV>EAMv{w>dV`ZtrU^Bpw(Tl(qWA(zxgW)Df2kL(rH!8C&@UlURK zC}C->Rk)-hGQ~U}n1TDromrjZ;b)Vj@8Y|P?7*Q|DMB9XRgRd`!kAKOhSMRXnD8jN9U~Cl z+zjW|iuA%|@@*I82!uC7-`!dfZmr1e&zXG9LpdV5&!aBfT9HW? znS9Md>1XVRjF_KfACTp03}}0rEQ=9pH3o>i0wY$9$?cOYyYq_5vKaYRBXav(VR36k zt{chZdHB_sd_87v*7zp3R^%pk^v+9qqw>@BfPCgA533Oab=c={dlh zUFa2QtyTB{Bf$7PXod8=evdFF4U2l-2iOmtmtQ&=IxjzyFYVzZpG_V>TKR)hq_tLY zUL%0`(_$j|4x~y4;se4zL$a2yXyE}vXXJ{O$Q2irUbD%dQV<`sUxsKoQSOe3U2##3 zsM<{P@#HzGm0pQ4!#|M{V|Y;3q%-tU$J{)522ADGVgxqlful4(I5IZA6hX<=h&ehF zRgLU6=yP;v06#mhH0(h3U`OB1a`oYpiFUUTZf?=c0Nt$Deizaih%e5-ckLWKjP{U5 zxizNJdpMG`!Of>!<;m;B2$R7(U$Hz0DIxHg}E~Y2Dhg z(t6F-p80bm_U4fd{KqUw_JPNv`bDp7CJ1q%P&g}0UoEGF&%jq7GoPKu z)S_P_4J8S3Xz#CsI&2WI(p?T`=4QP*DKtUyi?iW}rD&E+#@}N!yq$u&)^Gf)^vPLN z^y08JM*+(CU}D@l<;x1(=A~|#hlL5Zj99SkIz?cOm^K%?PS5C~p?rq($v3cZ%V<$GM zS+cQt^5j#tZr+<+yLZF!`(q+Ordk{w3qX6zS1*#0#su~mZWI}9alY&{sJ6wOf@{75 zUu3ue5!e6Xex`b`Tq_^L;oaG(8;;Djj-1-~FNcqBo;ZAqJC5TwVaxaJY~6Tl>!z4m z@?i%dE8B`DJHF#G%JQ^HSkolcT$N|P+b!G#x}ceh zWN6v8)plG_12sLG=Z3!wSAV9OrqO57nHqcr=NUu40H3BSzvasyrfeBzJtyjidG6Q1 zmf;ZL^e{RRrBHJ>xr|Pn@?~i#VUeEZmka2MTL ztH@_{Fc$;PwLg?D+(XX>J#2G#>(cELdm9&TpV~RLwXxT?C8<0ovjmxw{{P$ zC275J_2%L0caLxGUb}H}6TctdI=binv~%p5YxmZYa=x*9a`W)klNRsytoeNXkcq_( zu5Uc<@lROam#^1QMJG-jKMpxhl)p>Y583vX#XqcYhwGgGX|{gIrr?FY&hf8p|AX-N z1^&4$EeL;Kt{-wYz6yU|;ma+8UikZZ{g9i8CH#Fe@b?%pkJJ%w4ff5=XcFFl0$%U{ z#@^480{Dc*4r3ePdvy+=vya&0@PY1^U@r@cbeFyao7sQBxZ4?eY~gt`LD0qiG& 
zdHG1dmxmm{Q+flovj2b?bX!&x(muT5s2UwYY^kh+?F=61Y&aTaf+q^tMtBk?X-+4L zww2&1iK z_aB-g5Nk|@m>xoX=#T^32;`%v6FgAByK0hVju?<%gT3y*Cioy6bMR28X5elgsx)xvGg4f)E5xrMPEoj=m;-#B6i#TT;v@Mw^xCqvof~Hrwi< zaPa702p{NvvDxO{D*(crHCP6C2VTf*bML8;fiTiNd@7I*3|J4IO3_u0Q9(c#(}I|s zbI2791j>+H3?BgOr%IX{MG$_C*=bvQSiB}wSV+LMKU$#5SK9w0-zg_}ym1Ef`YRO2D;)2LP*|%`32WyO!DS-dhUfH%m-~YHbk0 znc$(&p8@Y4sx2x`_#mL!g9i%KKF}#sp!h%>3mp2P+O}3pufZ+{4|I4D{>-6Tb9SNf z!Uwvq!0z^6fr&p|vxAW0P^~(>*xmjEAveRi1y5xtw9PAI&sz-yT==2d0wIKb0YE!= zAS>XTV7e1ninbTfYCL7aC+Rh2d;1RrdIcU~@DwhRnn7tc3vU4!A_fx;Hl6OHfFPX-(_+iMFKaoT`|G1=|i zM?l;Pv-7tz&h!xOsv>{ zBCr(+`gIO97Vss$$8353iH`O~3O;a3|?;8_NchY21V5EaY{2p$XN z*Tj+iHA7!8G0`M+zbQ3HTaJ`o_{f0bH_>G9ssYY3@nra1p!!Wz89X+iWKC=d+hh{# zA_dt0;E{oyMFuN;E@WnS6yal`@0*wqGgvnCED{rF2G8LV`&n9*p6i;JP&0fEbL=Wi zlw5c!34l9z&Vpj49YIoJ;E^u-n|L#LO&CrhCpqw3m`F(gF$v!nhB}D$hn@>kE=GBV z?;F@Q6MhDC7`R+-+e{P+PeKy~6luaoLN7QmL1^$Q7npdVJ0FmF)6$tbtmlR_Z}HAYbGQOUKOSW6BCpsb1i$Dn2kMusSYM{N&}+3po-mrQ&bJTky~CQJ>U8wf*CD#LSXQNx6);UnD*#Z1lc znE~Bp;?>|?VLX^{Pihf8<02@BiTh4BM?=?fq*{!!@3j{#}cGN7_f26mZ-SOTtA=jtKUWe}rLy6SH zufdvOLBAzwZ<@oezEP)Je}&<4--gd{cbEP_#u`At9@JQAcxQxnmK zj{%olHH`_H`16r*#B*BS5$KemN4gAYg4*CU0}N!UqQP@v_zzcQ;JLtVr6#sT+^z1H z-S^%j1EONW+u&6}w3V9p79qT*FHCG3Jc1M)YJ{liw@FPPoCcl?X*3aTlB%U<6XJ%C zbWg~{xWO|6{A_~U;JMI#r%3YRIg1vTG?@u=gGWNUm6|v=c+Nl=ds@Imy1{dy&zIUz z7u_FdY|B=wYH*>?WWbajB=z(?(^IT6McX9)%4ReD>LIq{R-2QU|3JT3o;gUTU z11M$lkmmlTHpuNiGH^;Z$OZ0D*;O0g_8%GGd>h~PpBvB?HoncYtRpapAh7?4xv`|i zXplv+I<+w_dXu!TH=Lhou3u^+TMYWp-ePtfB@FEm!|(k^2DZt@vzT|Hyvl~M{YM7) z*v7N{=LW2ljc5DM^{teRXEQrgN)mk=%Lb2hHIfZxjVYClx{YH|V%8q9``vpaOj@O; zu$q7|lvmjhHn(GA$S2@@yd6e`LV++GsX-F2L~^r5G;RS9vy;?Y}I@ z?E$rH-eo6KN+)DP*<3YoHj2$HHeY;;-Splg1K(r!Too!C!=k^Vv*QDr+QzWCoyjGA zl#OA7N4oN9W7yn|CK6v`T$tdI-fQee_g)h^tTuQpRP$ov*8U@5Rx7n}tEtY*oM}VW z;E~>k8wT$`6Bega8?oX*<>hd{pm~*MeE=)Bk8}^WBTl%0ZQzm6c?J-F;JGjlnwgqw z5`Z;3_*_$OP2h%Uv>E>HKN2e7%oJOL=K?vvZAt@=g}V+v**s@^p#<*4JwF4FgvK$m z(Q08^3dC30t?xh5;g`$?sr}c4Re;P!ss)sb$ezZZ0daPsocKj{+k20MZX$pb1Fs76 
w+------------+ | + | / | ^ |s u x| | + | | v | | | | + | | +--------------+ | | v |y + | | C| Discovery | q| \--------------->+-------+ + | | b+--------------+ +-------------+ | Reset | + | | |d f| ^ | Configure |------->+-------+ + | | | | | +-------------+p ^ + | |e v | | ^ | + | +---------+ v |i 2| | + | C| Sulking | +------------+ +--------------+ | + | +---------+ C| Join |--->| Join-Confirm | | + | g+------------+z +--------------+ | + | |h m| 3| |4 | + | | | | v |o + |\ | | | +------------+ + \\-----------------/ \--------+---->| Image Data |C + \------------------------------------/ +------------+n + + Figure 2: LWAPP State Machine + + The LWAPP state machine, depicted above, is used by both the AC and + the WTP. For every state defined, only certain messages are + permitted to be sent and received. 
In all of the LWAPP control + messages defined in this document, the state for which each command + is valid is specified. + + + + + + +Calhoun, et al. Historic [Page 12] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + Note that in the state diagram figure above, the 'C' character is + used to represent a condition that causes the state to remain the + same. + + The following text discusses the various state transitions, and the + events that cause them. + + Idle to Discovery (a): This is the initialization state. + + WTP: The WTP enters the Discovery state prior to transmitting the + first Discovery Request (see Section 5.1). Upon entering + this state, the WTP sets the DiscoveryInterval timer (see + Section 12). The WTP resets the DiscoveryCount counter to + zero (0) (see Section 13). The WTP also clears all + information from ACs (e.g., AC Addresses) it may have + received during a previous discovery phase. + + AC: The AC does not need to maintain state information for the + WTP upon reception of the Discovery Request, but it MUST + respond with a Discovery Response (see Section 5.2). + + Discovery to Discovery (b): This is the state the WTP uses to + determine to which AC it wishes to connect. + + WTP: This event occurs when the DiscoveryInterval timer expires. + The WTP transmits a Discovery Request to every AC to which + the WTP hasn't received a response. For every transition to + this event, the WTP increments the DisoveryCount counter. + See Section 5.1 for more information on how the WTP knows to + which ACs it should transmit the Discovery Requests. The + WTP restarts the DiscoveryInterval timer. + + AC: This is a noop. + + Discovery to Sulking (d): This state occurs on a WTP when Discovery + or connectivity to the AC fails. + + WTP: The WTP enters this state when the DiscoveryInterval timer + expires and the DiscoveryCount variable is equal to the + MaxDiscoveries variable (see Section 13). 
Upon entering + this state, the WTP will start the SilentInterval timer. + While in the Sulking state, all LWAPP messages received are + ignored. + + AC: This is a noop. + + Sulking to Idle (e): This state occurs on a WTP when it must restart + the discovery phase. + + + +Calhoun, et al. Historic [Page 13] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + WTP: The WTP enters this state when the SilentInterval timer (see + Section 12) expires. + + AC: This is a noop. + + Discovery to Join (f): This state is used by the WTP to confirm its + commitment to an AC that it wishes to be provided service. + + WTP: The WTP selects the best AC based on the information it + gathered during the discovery phase. It then transmits a + Join Request (see Section 6.1) to its preferred AC. The WTP + starts the WaitJoin timer (see Section 12). + + AC: The AC enters this state for the given WTP upon reception of + a Join Request. The AC processes the request and responds + with a Join Response. + + Join to Join (g): This state transition occurs during the join + phase. + + WTP: The WTP enters this state when the WaitJoin timer expires, + and the underlying transport requires LWAPP MTU detection + (Section 3). + + AC: This state occurs when the AC receives a retransmission of a + Join Request. The WTP processes the request and responds + with the Join Response. + + Join to Idle (h): This state is used when the join process has + failed. + + WTP: This state transition occurs if the WTP is configured to use + pre-shared key (PSK) security and receives a Join Response + that includes an invalid PSK-MIC (Message Integrity Check) + message element. + + AC: The AC enters this state when it transmits an unsuccessful + Join Response. + + Join to Discovery (i): This state is used when the join process has + failed. + + WTP: The WTP enters this state when it receives an unsuccessful + Join Response. 
Upon entering this state, the WTP sets the + DiscoveryInterval timer (see Section 12). The WTP resets + the DiscoveryCount counter to zero (0) (see Section 13). + This state transition may also occur if the PSK-MIC (see + Section 6.2.9) message element is invalid. + + + +Calhoun, et al. Historic [Page 14] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + AC: This state transition is invalid. + + Join to Join-Confirm (z): This state is used to provide key + confirmation during the join process. + + WTP: This state is entered when the WTP receives a Join Response. + In the event that certificate-based security is utilized, + this transition will occur if the Certificate message + element is present and valid in the Join Response. For pre- + shared key security, the Join Response must include a valid + and authenticated PSK-MIC message element. The WTP MUST + respond with a Join ACK, which is used to provide key + confirmation. + + AC: The AC enters this state when it receives a valid Join ACK. + For certificate-based security, the Join ACK MUST include + the WNonce message element. For pre-shared key security, + the message must include a valid PSK-MIC message element. + The AC MUST respond with a Join Confirm message, which + includes the Session Key message element. + + Join-Confirm to Idle (3): This state is used when the join process + has failed. + + WTP: This state transition occurs when the WTP receives an + invalid Join Confirm. + + AC: The AC enters this state when it receives an invalid Join + ACK. + + Join-Confirm to Configure (2): This state is used by the WTP and the + AC to exchange configuration information. + + WTP: The WTP enters this state when it receives a successful Join + Confirm and determines that its version number and the + version number advertised by the AC are the same. The WTP + transmits the Configure Request (see Section 7.2) message to + the AC with a snapshot of its current configuration. 
The + WTP also starts the ResponseTimeout timer (see Section 12). + + AC: This state transition occurs when the AC receives the + Configure Request from the WTP. The AC must transmit a + Configure Response (see Section 7.3) to the WTP, and may + include specific message elements to override the WTP's + configuration. + + + + + + +Calhoun, et al. Historic [Page 15] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + Join-Confirm to Image Data (4): This state is used by the WTP and + the AC to download executable firmware. + + WTP: The WTP enters this state when it receives a successful Join + Confirm, and determines that its version number and the + version number advertised by the AC are different. The WTP + transmits the Image Data Request (see Section 8.1) message + requesting that the AC's latest firmware be initiated. + + AC: This state transition occurs when the AC receives the Image + Data Request from the WTP. The AC must transmit an Image + Data Response (see Section 8.2) to the WTP, which includes a + portion of the firmware. + + Image Data to Image Data (n): This state is used by the WTP and the + AC during the firmware download phase. + + WTP: The WTP enters this state when it receives an Image Data + Response that indicates that the AC has more data to send. + + AC: This state transition occurs when the AC receives the Image + Data Request from the WTP while already in this state, and + it detects that the firmware download has not completed. + + Image Data to Reset (o): This state is used when the firmware + download is completed. + + WTP: The WTP enters this state when it receives an Image Data + Response that indicates that the AC has no more data to + send, or if the underlying LWAPP transport indicates a link + failure. At this point, the WTP reboots itself. 
+ + AC: This state transition occurs when the AC receives the Image + Data Request from the WTP while already in this state, and + it detects that the firmware download has completed or if + the underlying LWAPP transport indicates a link failure. + Note that the AC itself does not reset, but it places the + specific WTP's context it is communicating with in the reset + state: meaning that it clears all state associated with the + WTP. + + Configure to Reset (p): This state transition occurs if the + configure phase fails. + + WTP: The WTP enters this state when the reliable transport fails + to deliver the Configure Request, or if the ResponseTimeout + timer (see Section 12) expires. + + + + +Calhoun, et al. Historic [Page 16] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + AC: This state transition occurs if the AC is unable to transmit + the Configure Response to a specific WTP. Note that the AC + itself does not reset, but it places the specific WTP's + context it is communicating with in the reset state: meaning + that it clears all state associated with the WTP. + + Configure to Run (q): This state transition occurs when the WTP and + AC enter their normal state of operation. + + WTP: The WTP enters this state when it receives a successful + Configure Response from the AC. The WTP initializes the + HeartBeat timer (see Section 12), and transmits the Change + State Event Request message (see Section 7.6). + + AC: This state transition occurs when the AC receives the Change + State Event Request (see Section 7.6) from the WTP. The AC + responds with a Change State Event Response (see Section + 7.7) message. The AC must start the Session ID and + NeighborDead timers (see Section 12). + + Run to Run (r): This is the normal state of operation. + + WTP: This is the WTP's normal state of operation, and there are + many events that cause this to occur: + + Configuration Update: The WTP receives a Configuration Update + Request (see Section 7.4). 
The WTP MUST respond with a + Configuration Update Response (see Section 7.5). + + Change State Event: The WTP receives a Change State Event + Response, or determines that it must initiate a Change State + Event Request, as a result of a failure or change in the state + of a radio. + + Echo Request: The WTP receives an Echo Request message + (Section 6.5), to which it MUST respond with an Echo Response + (see Section 6.6). + + Clear Config Indication: The WTP receives a Clear Config + Indication message (Section 7.8). The WTP MUST reset its + configuration back to manufacturer defaults. + + WTP Event: The WTP generates a WTP Event Request to send + information to the AC (Section 8.5). The WTP receives a WTP + Event Response from the AC (Section 8.6). + + + + + + +Calhoun, et al. Historic [Page 17] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + Data Transfer: The WTP generates a Data Transfer Request to + the AC (Section 8.7). The WTP receives a Data Transfer + Response from the AC (Section 8.8). + + WLAN Config Request: The WTP receives a WLAN Config Request + message (Section 11.8.1), to which it MUST respond with a WLAN + Config Response (see Section 11.8.2). + + Mobile Config Request: The WTP receives an Mobile Config + Request message (Section 9.1), to which it MUST respond with a + Mobile Config Response (see Section 9.2). + + AC: This is the AC's normal state of operation, and there are + many events that cause this to occur: + + Configuration Update: The AC sends a Configuration Update + Request (see Section 7.4) to the WTP to update its + configuration. The AC receives a Configuration Update Response + (see Section 7.5) from the WTP. + + Change State Event: The AC receives a Change State Event + Request (see Section 7.6), to which it MUST respond with the + Change State Event Response (see Section 7.7). + + Echo: The AC sends an Echo Request message (Section 6.5) or + receives the associated Echo Response (see Section 6.6) from + the WTP. 
+ + Clear Config Indication: The AC sends a Clear Config + Indication message (Section 7.8). + + WLAN Config: The AC sends a WLAN Config Request message + (Section 11.8.1) or receives the associated WLAN Config + Response (see Section 11.8.2) from the WTP. + + Mobile Config: The AC sends a Mobile Config Request message + (Section 9.1) or receives the associated Mobile Config Response + (see Section 9.2) from the WTP. + + Data Transfer: The AC receives a Data Transfer Request from + the AC (see Section 8.7) and MUST generate the associated Data + Transfer Response message (see Section 8.8). + + WTP Event: The AC receives a WTP Event Request from the AC + (see Section 8.5) and MUST generate the associated WTP Event + Response message (see Section 8.6). + + + + + +Calhoun, et al. Historic [Page 18] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + Run to Reset (s): This event occurs when the AC wishes for the WTP + to reboot. + + WTP: The WTP enters this state when it receives a Reset Request + (see Section 8.3). It must respond with a Reset Response + (see Section 8.4), and once the reliable transport + acknowledgement has been received, it must reboot itself. + + AC: This state transition occurs either through some + administrative action, or via some internal event on the AC + that causes it to request that the WTP disconnect. Note + that the AC itself does not reset, but it places the + specific WTPs context it is communicating with in the reset + state. + + Run to Idle (t): This event occurs when an error occurs in the + communication between the WTP and the AC. + + WTP: The WTP enters this state when the underlying reliable + transport is unable to transmit a message within the + RetransmitInterval timer (see Section 12), and the maximum + number of RetransmitCount counter has reached the + MaxRetransmit variable (see Section 13). 
+ + AC: The AC enters this state when the underlying reliable + transport in unable to transmit a message within the + RetransmitInterval timer (see Section 12), and the maximum + number of RetransmitCount counter has reached the + MaxRetransmit variable (see Section 13). + + Run to Key Update (u): This event occurs when the WTP and the AC are + to exchange new keying material, with which it must use to protect + all future messages. + + WTP: This state transition occurs when the KeyLifetime timer + expires (see Section 12). + + AC: The WTP enters this state when it receives a Key Update + Request (see Section 6.7). + + Key Update to Key Confirm (w): This event occurs during the rekey + phase and is used to complete the loop. + + WTP: This state transition occurs when the WTP receives the Key + Update Response. The WTP MUST only accept the message if it + is authentic. The WTP responds to this response with a Key + Update ACK. + + + + +Calhoun, et al. Historic [Page 19] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + AC: The AC enters this state when it receives an authenticated + Key Update ACK message. + + Key Confirm to Run (5): This event occurs when the rekey exchange + phase is completed. + + WTP: This state transition occurs when the WTP receives the Key + Update Confirm. The newly derived encryption key and + Initialization Vector (IV) must be plumbed into the crypto + module after validating the message's authentication. + + AC: The AC enters this state when it transmits the Key Update + Confirm message. The newly derived encryption key and IV + must be plumbed into the crypto module after transmitting a + Key Update Confirm message. + + Key Update to Reset (x): This event occurs when the key exchange + phase times out. + + WTP: This state transition occurs when the WTP does not receive a + Key Update Response from the AC. + + AC: The AC enters this state when it is unable to process a Key + Update Request. 
+ + Reset to Idle (y): This event occurs when the state machine is + restarted. + + WTP: The WTP reboots itself. After rebooting, the WTP will start + its LWAPP state machine in the Idle state. + + AC: The AC clears out any state associated with the WTP. The AC + generally does this as a result of the reliable link layer + timing out. + +3. LWAPP Transport Layers + + The LWAPP protocol can operate at Layer 2 or 3. For Layer 2 support, + the LWAPP messages are carried in a native Ethernet frame. As such, + the protocol is not routable and depends upon Layer 2 connectivity + between the WTP and the AC. Layer 3 support is provided by + encapsulating the LWAPP messages within UDP. + + + + + + + + + +Calhoun, et al. Historic [Page 20] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + +3.1. LWAPP Transport Header + + All LWAPP protocol packets are encapsulated using a common header + format, regardless of the transport used to carry the frames. + However, certain flags are not applicable for a given transport, and + it is therefore necessary to refer to the specific transport section + in order to determine which flags are valid. + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + |VER| RID |C|F|L| Frag ID | Length | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Status/WLANs | Payload... | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + +3.1.1. VER Field + + A 2-bit field that contains the version of LWAPP used in this packet. + The value for this document is 0. + +3.1.2. RID Field + + A 3-bit field that contains the Radio ID number for this packet. + WTPs with multiple radios but a single MAC address use this field to + indicate which radio is associated with the packet. + +3.1.3. C Bit + + The control message 'C' bit indicates whether this packet carries a + data or control message. 
When this bit is zero (0), the packet + carries an LWAPP data message in the payload (see Section 4.1). When + this bit is one (1), the packet carries an LWAPP control message as + defined in Section 4.2 for consumption by the addressed destination. + +3.1.4. F Bit + + The Fragment 'F' bit indicates whether this packet is a fragment. + When this bit is one (1), the packet is a fragment and MUST be + combined with the other corresponding fragments to reassemble the + complete information exchanged between the WTP and AC. + + + + + + + + + + +Calhoun, et al. Historic [Page 21] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + +3.1.5. L Bit + + The Not Last 'L' bit is valid only if the 'F' bit is set and + indicates whether the packet contains the last fragment of a + fragmented exchange between the WTP and AC. When this bit is 1, the + packet is not the last fragment. When this bit is 0, the packet is + the last fragment. + +3.1.6. Fragment ID + + An 8-bit field whose value is assigned to each group of fragments + making up a complete set. The Fragment ID space is managed + individually for every WTP/AC pair. The value of Fragment ID is + incremented with each new set of fragments. The Fragment ID wraps to + zero after the maximum value has been used to identify a set of + fragments. LWAPP only supports up to 2 fragments per frame. + +3.1.7. Length + + The 16-bit length field contains the number of bytes in the Payload. + The field is encoded as an unsigned number. If the LWAPP packet is + encrypted, the length field includes the Advanced Encryption Standard + Counter with CBC-MAC (AES-CCM) MIC (see Section 10.2 for more + information). + +3.1.8. Status and WLANS + + The interpretation of this 16-bit field is binding-specific. Refer + to the transport portion of the binding for a wireless technology for + the specification. + +3.1.9. 
Payload + + This field contains the header for an LWAPP data message or LWAPP + control message, followed by the data associated with that message. + +3.2. Using IEEE 802.3 MAC as LWAPP Transport + + This section describes how the LWAPP protocol is provided over native + Ethernet frames. An LWAPP packet is formed from the MAC frame + header, followed by the LWAPP message header. The following figure + provides an example of the frame formats used when LWAPP is used over + the IEEE 802.3 transport. + + + + + + + + +Calhoun, et al. Historic [Page 22] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + Layer 2 LWAPP Data Frame + +-----------------------------------------------------------+ + | MAC Header | LWAPP Header [C=0] | Forwarded Data ... | + +-----------------------------------------------------------+ + + Layer 2 LWAPP Control Frame + +---------------------------------------------------+ + | MAC Header | LWAPP Header [C=1] | Control Message | + +---------------------------------------------------+ + | Message Elements ... | + +----------------------+ + +3.2.1. Framing + + Source Address + + A MAC address belonging to the interface from which this message is + sent. If multiple source addresses are configured on an interface, + then the one chosen is implementation-dependent. + + Destination Address + + A MAC address belonging to the interface to which this message is to + be sent. This destination address MAY be either an individual + address or a multicast address, if more than one destination + interface is intended. + + Ethertype + + The Ethertype field is set to 0x88bb. + +3.2.2. AC Discovery + + When run over IEEE 802.3, LWAPP messages are distributed to a + specific MAC-level broadcast domain. The AC discovery mechanism used + with this transport is for a WTP to transmit a Discovery Request + message to a broadcast destination MAC address. The ACs will receive + this message and reply based on their policy. + +3.2.3. 
LWAPP Message Header Format over IEEE 802.3 MAC Transport + + All of the fields described in Section 3.1 are used when LWAPP uses + the IEEE 802.3 MAC transport. + + + + + + + + +Calhoun, et al. Historic [Page 23] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + +3.2.4. Fragmentation/Reassembly + + Fragmentation at the MAC layer is managed using the F, L, and Frag ID + fields of the LWAPP message header. The LWAPP protocol only allows a + single packet to be fragmented into 2, which is sufficient for a + frame that exceeds MTU due to LWAPP encapsulation. When used with + Layer 2 (Ethernet) transport, both fragments MUST include the LWAPP + header. + +3.2.5. Multiplexing + + LWAPP control messages and data messages are distinguished by the 'C' + bit in the LWAPP message header. + +3.3. Using IP/UDP as LWAPP Transport + + This section defines how LWAPP makes use of IP/UDP transport between + the WTP and the AC. When this transport is used, the MAC layer is + controlled by the IP stack, and there are therefore no special MAC- + layer requirements. The following figure provides an example of the + frame formats used when LWAPP is used over the IP/UDP transport. IP + stacks can be either IPv4 or IPv6. + + Layer 3 LWAPP Data Frame + +--------------------------------------------+ + | MAC Header | IP | UDP | LWAPP Header [C=0] | + +--------------------------------------------+ + |Forwarded Data ... | + +-------------------+ + + Layer 3 LWAPP Control Frame + +--------------------------------------------+ + | MAC Header | IP | UDP | LWAPP Header [C=1] | + +--------------------------------------------+ + | Control Message | Message Elements ... | + +-----------------+----------------------+ + +3.3.1. Framing + + Communication between the WTP and AC is established according to the + standard UDP client/server model. The connection is initiated by the + WTP (client) to the well-known UDP port of the AC (server) used for + control messages. 
This UDP port number of the AC is 12222 for LWAPP + data and 12223 for LWAPP control frames. + + + + + + + +Calhoun, et al. Historic [Page 24] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + +3.3.2. AC Discovery + + When LWAPP is run over routed IP networks, the WTP and the AC do not + need to reside in the same IP subnet (broadcast domain). However, in + the event the peers reside on separate subnets, there must exist a + mechanism for the WTP to discover the AC. + + As the WTP attempts to establish communication with the AC, it sends + the Discovery Request message and receives the corresponding response + message from the AC. The WTP must send the Discovery Request message + to either the limited broadcast IP address (255.255.255.255), a well + known multicast address, or the unicast IP address of the AC. Upon + receipt of the message, the AC issues a Discovery Response message to + the unicast IP address of the WTP, regardless of whether a Discovery + Request was sent as a broadcast, multicast, or unicast message. + + Whether the WTP uses a limited IP broadcast, multicast or unicast IP + address is implementation-dependent. + + In order for a WTP to transmit a Discovery Request to a unicast + address, the WTP must first obtain the IP address of the AC. Any + static configuration of an AC's IP address on the WTP non-volatile + storage is implementation-dependent. However, additional dynamic + schemes are possible: for example: + + DHCP: A comma-delimited, ASCII-encoded list of AC IP addresses is + embedded inside a DHCP vendor-specific option 43 extension. + An example of the actual format of the vendor-specific payload + for IPv4 is of the form "10.1.1.1, 10.1.1.2". + + DNS: The DNS name "LWAPP-AC-Address" MAY be resolvable to one or + more AC addresses. + +3.3.3. 
LWAPP Message Header Format over IP/UDP Transport + + All of the fields described in Section 3.1 are used when LWAPP uses + the IPv4/UDP or IPv6/UDP transport, with the following exceptions. + +3.3.3.1. F Bit + + This flag field is not used with this transport, and MUST be set to + zero. + +3.3.3.2. L Bit + + This flag field is not used with this transport, and MUST be set to + zero. + + + + +Calhoun, et al. Historic [Page 25] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + +3.3.3.3. Frag ID + + This field is not used with this transport, and MUST be set to zero. + +3.3.4. Fragmentation/Reassembly for IPv4 + + When LWAPP is implemented at L3, the transport layer uses IP + fragmentation to fragment and reassemble LWAPP messages that are + longer than the MTU size used by either the WTP or AC. The details + of IP fragmentation are covered in [8]. When used with the IP + transport, only the first fragment would include the LWAPP header. + +3.3.5. Fragmentation/Reassembly for IPv6 + + IPv6 does MTU discovery so fragmentation and re-assembly is not + necessary for UDP packets. + +3.3.6. Multiplexing + + LWAPP messages convey control information between WTP and AC, as well + as binding specific data frames or binding specific management + frames. As such, LWAPP messages need to be multiplexed in the + transport sub-layer and be delivered to the proper software entities + in the endpoints of the protocol. However, the 'C' bit is still used + to differentiate between data and control frames. + + In case of Layer 3 connection, multiplexing is achieved by use of + different UDP ports for control and data packets (see Section 3.3.1). + + As part of the Join procedure, the WTP and AC may negotiate different + IP Addresses for data or control messages. The IP address returned + in the AP Manager Control IP Address message element is used to + inform the WTP with the IP address to which it must send all control + frames. 
The AP Manager Data IP Address message element MAY be + present only if the AC has a different IP address that the WTP is to + use to send its data LWAPP frames. + + In the event the WTP and AC are separated by a NAT, with the WTP + using private IP address space, it is the responsibility of the NAT + to manage appropriate UDP port mapping. + +4. LWAPP Packet Definitions + + This section contains the packet types and format. The LWAPP + protocol is designed to be transport-agnostic by specifying packet + formats for both MAC frames and IP packets. An LWAPP packet consists + of an LWAPP Transport Layer packet header followed by an LWAPP + message. + + + +Calhoun, et al. Historic [Page 26] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + Transport details can be found in Section 3. + +4.1. LWAPP Data Messages + + An LWAPP data message is a forwarded wireless frame. When forwarding + wireless frames, the sender simply encapsulates the wireless frame in + an LWAPP data packet, using the appropriate transport rules defined + in Section 3. + + In the event that the encapsulated frame would exceed the transport + layer's MTU, the sender is responsible for the fragmentation of the + frame, as specified in the transport-specific section of Section 3. + + The actual format of the encapsulated LWAPP data frame is subject to + the rules defined under the specific wireless technology binding. + +4.2. LWAPP Control Messages Overview + + The LWAPP Control protocol provides a control channel between the WTP + and the AC. The control channel is the series of control messages + between the WTP and AC, associated with a session ID and key. + Control messages are divided into the following distinct message + types: + + Discovery: LWAPP Discovery messages are used to identify potential + ACs, their load and capabilities. 
+ + Control Channel Management: Messages that fall within this + classification are used for the discovery of ACs by the WTPs as + well as the establishment and maintenance of an LWAPP control + channel. + + WTP Configuration: The WTP Configuration messages are used by the AC + to push a specific configuration to the WTPs with which it has a + control channel. Messages that deal with the retrieval of + statistics from the WTP also fall in this category. + + Mobile Session Management: Mobile Session Management messages are + used by the AC to push specific mobile policies to the WTP. + + Firmware Management: Messages in this category are used by the AC to + push a new firmware image down to the WTP. + + Control Channel, WTP Configuration, and Mobile Session Management + MUST be implemented. Firmware Management MAY be implemented. + + In addition, technology-specific bindings may introduce new control + channel commands that depart from the above list. + + + +Calhoun, et al. Historic [Page 27] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + +4.2.1. Control Message Format + + All LWAPP control messages are sent encapsulated within the LWAPP + header (see Section 3.1). Immediately following the header is the + LWAPP control header, which has the following format: + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Message Type | Seq Num | Msg Element Length | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Session ID | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Msg Element [0..N] | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + +4.2.1.1. Message Type + + The Message Type field identifies the function of the LWAPP control + message. 
The valid values for a Message Type are the following: + + Description Value + Discovery Request 1 + Discovery Response 2 + Join Request 3 + Join Response 4 + Join ACK 5 + Join Confirm 6 + Unused 7-9 + Configure Request 10 + Configure Response 11 + Configuration Update Request 12 + Configuration Update Response 13 + WTP Event Request 14 + WTP Event Response 15 + Change State Event Request 16 + Change State Event Response 17 + Unused 18-21 + Echo Request 22 + Echo Response 23 + Image Data Request 24 + Image Data Response 25 + Reset Request 26 + Reset Response 27 + Unused 28-29 + Key Update Request 30 + Key Update Response 31 + Primary Discovery Request 32 + + + +Calhoun, et al. Historic [Page 28] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + Primary Discovery Response 33 + Data Transfer Request 34 + Data Transfer Response 35 + Clear Config Indication 36 + WLAN Config Request 37 + WLAN Config Response 38 + Mobile Config Request 39 + Mobile Config Response 40 + +4.2.1.2. Sequence Number + + The Sequence Number field is an identifier value to match request/ + response packet exchanges. When an LWAPP packet with a request + message type is received, the value of the Sequence Number field is + copied into the corresponding response packet. + + When an LWAPP control frame is sent, its internal sequence number + counter is monotonically incremented, ensuring that no two requests + pending have the same sequence number. This field will wrap back to + zero. + +4.2.1.3. Message Element Length + + The length field indicates the number of bytes following the Session + ID field. If the LWAPP packet is encrypted, the length field + includes the AES-CCM MIC (see Section 10.2 for more information). + +4.2.1.4. Session ID + + The Session ID is a 32-bit unsigned integer that is used to identify + the security context for encrypted exchanges between the WTP and the + AC. 
Note that a Session ID is a random value that MUST be unique + between a given AC and any of the WTPs with which it may be + communicating. + +4.2.1.5. Message Element [0..N] + + The message element(s) carry the information pertinent to each of the + control message types. Every control message in this specification + specifies which message elements are permitted. + +4.2.2. Message Element Format + + The message element is used to carry information pertinent to a + control message. Every message element is identified by the Type + field, whose numbering space is managed via IANA (see Section 16). + The total length of the message elements is indicated in the Message + Element Length field. + + + +Calhoun, et al. Historic [Page 29] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + All of the message element definitions in this document use a diagram + similar to the one below in order to depict their formats. Note that + in order to simplify this specification, these diagrams do not + include the header fields (Type and Length). However, in each + message element description, the header's field values will be + defined. + + Note that additional message elements may be defined in separate IETF + documents. + + The format of a message element uses the TLV format shown here: + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Type | Length | Value ... | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + where Type (8 bits) identifies the character of the information + carried in the Value field and Length (16 bits) indicates the number + of bytes in the Value field. + +4.2.2.1. Generic Message Elements + + This section includes message elements that are not bound to a + specific control message. + +4.2.2.1.1. Vendor Specific + + The Vendor-Specific Payload is used to communicate vendor-specific + information between the WTP and the AC. 
The value contains the + following format: + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Vendor Identifier | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Element ID | Value... | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 104 for Vendor Specific + + Length: >= 7 + + Vendor Identifier: A 32-bit value containing the IANA-assigned "SMI + Network Management Private Enterprise Codes" [13]. + + + + +Calhoun, et al. Historic [Page 30] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + Element ID: A 16-bit Element Identifier that is managed by the + vendor. + + Value: The value associated with the vendor-specific element. + +4.2.3. Quality of Service + + It is recommended that LWAPP control messages be sent by both the AC + and the WTP with an appropriate Quality-of-Service precedence value, + ensuring that congestion in the network minimizes occurrences of + LWAPP control channel disconnects. Therefore, a Quality-of-Service- + enabled LWAPP device should use: + + 802.1P: The precedence value of 7 SHOULD be used. + + DSCP: The Differentiated Services Code Point (DSCP) tag value of 46 + SHOULD be used. + +5. LWAPP Discovery Operations + + The Discovery messages are used by a WTP to determine which ACs are + available to provide service, as well as the capabilities and load of + the ACs. + +5.1. Discovery Request + + The Discovery Request is used by the WTP to automatically discover + potential ACs available in the network. A WTP must transmit this + command even if it has a statically configured AC, as it is a + required step in the LWAPP state machine. + + Discovery Requests MUST be sent by a WTP in the Discover state after + waiting for a random delay less of than MaxDiscoveryInterval, after a + WTP first comes up or is (re)initialized. 
A WTP MUST send no more + than a maximum of MaxDiscoveries discoveries, waiting for a random + delay less than MaxDiscoveryInterval between each successive + discovery. + + This is to prevent an explosion of WTP Discoveries. An example of + this occurring would be when many WTPs are powered on at the same + time. + + Discovery Requests MUST be sent by a WTP when no Echo Responses are + received for NeighborDeadInterval and the WTP returns to the Idle + state. Discovery Requests are sent after NeighborDeadInterval, they + MUST be sent after waiting for a random delay less than + + + + + +Calhoun, et al. Historic [Page 31] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + MaxDiscoveryInterval. A WTP MAY send up to a maximum of + MaxDiscoveries discoveries, waiting for a random delay less than + MaxDiscoveryInterval between each successive discovery. + + If a Discovery Response is not received after sending the maximum + number of Discovery Requests, the WTP enters the Sulking state and + MUST wait for an interval equal to SilentInterval before sending + further Discovery Requests. + + The Discovery Request message may be sent as a unicast, broadcast, or + multicast message. + + Upon receiving a Discovery Request, the AC will respond with a + Discovery Response sent to the address in the source address of the + received Discovery Request. + + The following subsections define the message elements that MUST be + included in this LWAPP operation. + +5.1.1. Discovery Type + + The Discovery message element is used to configure a WTP to operate + in a specific mode. + + 0 + 0 1 2 3 4 5 6 7 + +-+-+-+-+-+-+-+-+ + | Discovery Type| + +-+-+-+-+-+-+-+-+ + + Type: 58 for Discovery Type + + Length: 1 + + Discovery Type: An 8-bit value indicating how the AC was + discovered. The following values are supported: + + 0 - Broadcast + + 1 - Configured + + + + + + + + + + + +Calhoun, et al. 
Historic [Page 32] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + +5.1.2. WTP Descriptor + + The WTP Descriptor message element is used by the WTP to communicate + its current hardware/firmware configuration. The value contains the + following fields. + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Hardware Version | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Software Version | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Boot Version | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Max Radios | Radios in use | Encryption Capabilities | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 3 for WTP Descriptor + + Length: 16 + + Hardware Version: A 32-bit integer representing the WTP's hardware + version number. + + Software Version: A 32-bit integer representing the WTP's Firmware + version number. + + Boot Version: A 32-bit integer representing the WTP's boot loader's + version number. + + Max Radios: An 8-bit value representing the number of radios (where + each radio is identified via the RID field) supported by the WTP. + + Radios in Use: An 8-bit value representing the number of radios + present in the WTP. + + Encryption Capabilities: This 16-bit field is used by the WTP to + communicate its capabilities to the AC. Since most WTPs support + link-layer encryption, the AC may make use of these services. + There are binding-dependent encryption capabilites. A WTP that + does not have any encryption capabilities would set this field to + zero (0). Refer to the specific binding for the specification. + + + + + + + + +Calhoun, et al. Historic [Page 33] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + +5.1.3. 
WTP Radio Information + + The WTP Radio Information message element is used to communicate the + radio information in a specific slot. The Discovery Request MUST + include one such message element per radio in the WTP. The Radio- + Type field is used by the AC in order to determine which technology- + specific binding is to be used with the WTP. + + The value contains two fields, as shown: + + 0 1 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Radio ID | Radio Type | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 4 for WTP Radio Information + + Length: 2 + + Radio ID: The Radio Identifier, typically refers to some interface + index on the WTP. + + Radio Type: The type of radio present. The following values are + supported: + + 1 - 802.11bg: An 802.11bg radio. + + 2 - 802.11a: An 802.11a radio. + + 3 - 802.16: An 802.16 radio. + + 4 - Ultra Wideband: A UWB radio. + + 7 - all: Used to specify all radios in the WTP. + +5.2. Discovery Response + + The Discovery Response is a mechanism by which an AC advertises its + services to requesting WTPs. + + Discovery Responses are sent by an AC after receiving a Discovery + Request. + + + + + + + + +Calhoun, et al. Historic [Page 34] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + When a WTP receives a Discovery Response, it MUST wait for an + interval not less than DiscoveryInterval for receipt of additional + Discovery Responses. After the DiscoveryInterval elapses, the WTP + enters the Joining state and will select one of the ACs that sent a + Discovery Response and send a Join Request to that AC. + + The following subsections define the message elements that MUST be + included in this LWAPP operation. + +5.2.1. AC Address + + The AC Address message element is used to communicate the identity of + the AC. 
The value contains two fields, as shown: + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Reserved | MAC Address | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | MAC Address | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 2 for AC Address + + Length: 7 + + Reserved: MUST be set to zero + + MAC Address: The MAC address of the AC + +5.2.2. AC Descriptor + + The AC Descriptor message element is used by the AC to communicate + its current state. The value contains the following fields: + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Reserved | Hardware Version ... | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | HW Ver | Software Version ... | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | SW Ver | Stations | Limit | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Limit | Radios | Max Radio | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Max Radio | Security | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + + +Calhoun, et al. Historic [Page 35] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + Type: 6 for AC Descriptor + + Length: 17 + + Reserved: MUST be set to zero + + Hardware Version: A 32-bit integer representing the AC's hardware + version number. + + Software Version: A 32-bit integer representing the AC's Firmware + version number. + + Stations: A 16-bit integer representing the number of mobile + stations currently associated with the AC. + + Limit: A 16-bit integer representing the maximum number of stations + supported by the AC. + + Radios: A 16-bit integer representing the number of WTPs currently + attached to the AC. 
+ + Max Radio: A 16-bit integer representing the maximum number of WTPs + supported by the AC. + + Security: An 8-bit bitmask specifying the security schemes + supported by the AC. The following values are supported (see + Section 10): + + 1 - X.509 Certificate-Based + + 2 - Pre-Shared Secret + +5.2.3. AC Name + + The AC Name message element contains an ASCII representation of the + AC's identity. The value is a variable-length byte string. The + string is NOT zero terminated. + + 0 + 0 1 2 3 4 5 6 7 + +-+-+-+-+-+-+-+-+ + | Name ... + +-+-+-+-+-+-+-+-+ + + Type: 31 for AC Name + + Length: > 0 + + + + +Calhoun, et al. Historic [Page 36] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + Name: A variable-length ASCII string containing the AC's name. + +5.2.4. WTP Manager Control IPv4 Address + + The WTP Manager Control IPv4 Address message element is sent by the + AC to the WTP during the discovery process and is used by the AC to + provide the interfaces available on the AC, and their current load. + This message element is useful for the WTP to perform load balancing + across multiple interfaces. + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | IP Address | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | WTP Count | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 99 for WTP Manager Control IPv4 Address + + Length: 6 + + IP Address: The IP address of an interface. + + WTP Count: The number of WTPs currently connected to the interface. + +5.2.5. WTP Manager Control IPv6 Address + + The WTP Manager Control IPv6 Address message element is sent by the + AC to the WTP during the discovery process and is used by the AC to + provide the interfaces available on the AC, and their current load. + This message element is useful for the WTP to perform load balancing + across multiple interfaces. 
+ + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | IP Address | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | IP Address | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | IP Address | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | IP Address | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | WTP Count | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + + + +Calhoun, et al. Historic [Page 37] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + Type: 137 for WTP Manager Control IPv6 Address + + Length: 6 + + IP Address: The IP address of an interface. + + WTP Count: The number of WTPs currently connected to the interface. + +5.3. Primary Discovery Request + + The Primary Discovery Request is sent by the WTP in order to + determine whether its preferred (or primary) AC is available. + + Primary Discovery Requests are sent by a WTP when it has a primary AC + configured, and is connected to another AC. This generally occurs as + a result of a failover, and is used by the WTP as a means to discover + when its primary AC becomes available. As a consequence, this + message is only sent by a WTP when it is in the Run state. + + The frequency of the Primary Discovery Requests should be no more + often than the sending of the Echo Request message. + + Upon receiving a Discovery Request, the AC will respond with a + Primary Discovery Response sent to the address in the source address + of the received Primary Discovery Request. + + The following subsections define the message elements that MUST be + included in this LWAPP operation. + +5.3.1. Discovery Type + + The Discovery Type message element is defined in Section 5.1.1. + +5.3.2. WTP Descriptor + + The WTP Descriptor message element is defined in Section 5.1.2. + +5.3.3. 
WTP Radio Information + + A WTP Radio Information message element must be present for every + radio in the WTP. This message element is defined in Section 5.1.3. + +5.4. Primary Discovery Response + + The Primary Discovery Response is a mechanism by which an AC + advertises its availability and services to requesting WTPs that are + configured to have the AC as its primary AC. + + + + +Calhoun, et al. Historic [Page 38] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + Primary Discovery Responses are sent by an AC after receiving a + Primary Discovery Request. + + When a WTP receives a Primary Discovery Response, it may opt to + establish an LWAPP connection to its primary AC, based on the + configuration of the WTP Fallback Status message element on the WTP. + + The following subsections define the message elements that MUST be + included in this LWAPP operation. + +5.4.1. AC Descriptor + + The Discovery Type message element is defined in Section 5.2.2. + +5.4.2. AC Name + + The AC Name message element is defined in Section 5.2.3. + +5.4.3. WTP Manager Control IPv4 Address + + A WTP Radio Information message element MAY be present for every + radio in the WTP that is reachable via IPv4. This message element is + defined in Section 5.2.4. + +5.4.4. WTP Manager Control IPv6 Address + + A WTP Radio Information message element must be present for every + radio in the WTP that is reachable via IPv6. This message element is + defined in Section 5.2.5. + +6. Control Channel Management + + The Control Channel Management messages are used by the WTP and AC to + create and maintain a channel of communication on which various other + commands may be transmitted, such as configuration, firmware update, + etc. + +6.1. Join Request + + The Join Request is used by a WTP to inform an AC that it wishes to + provide services through it. + + Join Requests are sent by a WTP in the Joining state after receiving + one or more Discovery Responses. 
The Join Request is also used as an + MTU discovery mechanism by the WTP. The WTP issues a Join Request + with a Test message element, bringing the total size of the message + to exceed MTU. + + + + +Calhoun, et al. Historic [Page 39] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + If the transport used does not provide MTU path discovery, the + initial Join Request is padded with the Test message element to 1596 + bytes. If a Join Response is received, the WTP can forward frames + without requiring any fragmentation. If no Join Response is + received, it issues a second Join Request padded with the Test + payload to a total of 1500 bytes. The WTP continues to cycle from + large (1596) to small (1500) packets until a Join Response has been + received, or until both packets' sizes have been retransmitted 3 + times. If the Join Response is not received after the maximum number + of retransmissions, the WTP MUST abandon the AC and restart the + discovery phase. + + When an AC receives a Join Request, it will respond with a Join + Response. If the certificate-based security mechanism is used, the + AC validates the certificate found in the request. If valid, the AC + generates a session key that will be used to secure the control + frames it exchanges with the WTP. When the AC issues the Join + Response, the AC creates a context for the session with the WTP. + + If the pre-shared session key security mechanism is used, the AC + saves the WTP's nonce, found in the WNonce message element, and + creates its own nonce, which it includes in the ANonce message + element. Finally, the AC creates the PSK-MIC, which is computed + using a key that is derived from the PSK. + + A Join Request that includes both a WNonce and a Certificate message + element MUST be considered invalid. + + Details on the key generation are found in Section 10. + + The following subsections define the message elements that MUST be + included in this LWAPP operation. + +6.1.1. 
WTP Descriptor + + The WTP Descriptor message element is defined in Section 5.1.2. + +6.1.2. AC Address + + The AC Address message element is defined in Section 5.2.1. + +6.1.3. WTP Name + + The WTP Name message element value is a variable-length byte string. + The string is NOT zero terminated. + + + + + + +Calhoun, et al. Historic [Page 40] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + 0 + 0 1 2 3 4 5 6 7 + +-+-+-+-+-+-+-+-+ + | Name ... + +-+-+-+-+-+-+-+-+ + + Type: 5 for WTP Name + + Length: > 0 + + Name: A non-zero-terminated string containing the WTP's name. + +6.1.4. Location Data + + The Location Data message element is a variable-length byte string + containing user-defined location information (e.g., "Next to + Fridge"). The string is NOT zero terminated. + + 0 + 0 1 2 3 4 5 6 7 + +-+-+-+-+-+-+-+-+ + | Location ... + +-+-+-+-+-+-+-+-+ + + Type: 35 for Location Data + + Length: > 0 + + Location: A non-zero-terminated string containing the WTP's + location. + +6.1.5. WTP Radio Information + + A WTP Radio Information message element must be present for every + radio in the WTP. This message element is defined in Section 5.1.3. + +6.1.6. Certificate + + The Certificate message element value is a byte string containing a + DER-encoded x.509v3 certificate. This message element is only + included if the LWAPP security type used between the WTP and the AC + makes use of certificates (see Section 10 for more information). + + 0 + 0 1 2 3 4 5 6 7 + +-+-+-+-+-+-+-+-+ + | Certificate... + +-+-+-+-+-+-+-+-+ + + + +Calhoun, et al. Historic [Page 41] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + Type: 44 for Certificate + + Length: > 0 + + Certificate: A non-zero-terminated string containing the device's + certificate. + +6.1.7. Session ID + + The Session ID message element value contains a randomly generated + [4] unsigned 32-bit integer. 
+ + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Session ID | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 45 for Session ID + + Length: 4 + + Session ID: 32-bit random session identifier. + +6.1.8. Test + + The Test message element is used as padding to perform MTU discovery, + and it MAY contain any value, of any length. + + 0 + 0 1 2 3 4 5 6 7 + +-+-+-+-+-+-+-+-+ + | Padding ... + +-+-+-+-+-+-+-+-+ + + Type: 18 for Test + + Length: > 0 + + Padding: A variable-length pad. + +6.1.9. XNonce + + The XNonce is used by the WTP to communicate its random nonce during + the join or rekey phase. See Section 10 for more information. + + + + + + +Calhoun, et al. Historic [Page 42] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Nonce | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Nonce | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Nonce | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Nonce | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 111 for XNonce + + Length: 16 + + Nonce: 1 16-octet random nonce. + +6.2. Join Response + + The Join Response is sent by the AC to indicate to a WTP whether it + is capable and willing to provide service to it. + + Join Responses are sent by the AC after receiving a Join Request. + Once the Join Response has been sent, the Heartbeat timer is + initiated for the session to EchoInterval. Expiration of the timer + will result in deletion of the AC-WTP session. The timer is + refreshed upon receipt of the Echo Request. 
+ + If the security method used is certificate-based, when a WTP receives + a Join Response, it enters the Joined state and initiates either a + Configure Request or Image Data to the AC to which it is now joined. + Upon entering the Joined state, the WTP begins timing an interval + equal to NeighborDeadInterval. Expiration of the timer will result + in the transmission of the Echo Request. + + If the security method used is pre-shared-secret-based, when a WTP + receives a Join Response that includes a valid PSK-MIC message + element, it responds with a Join ACK that also MUST include a locally + computed PSK-MIC message element. + + The following subsections define the message elements that MUST be + included in this LWAPP operation. + + + + + + + + +Calhoun, et al. Historic [Page 43] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + +6.2.1. Result Code + + The Result Code message element value is a 32-bit integer value, + indicating the result of the request operation corresponding to the + sequence number in the message. The Result Code is included in a + successful Join Response. + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Result Code | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 2 for Result Code + + Length: 4 + + Result Code: The following values are defined: + + 0 Success + + 1 Failure (AC List message element MUST be present) + +6.2.2. Status + + The Status message element is sent by the AC to the WTP in a non- + successful Join Response message. This message element is used to + indicate the reason for the failure and should only be accompanied + with a Result Code message element that indicates a failure. + + 0 + 0 1 2 3 4 5 6 7 + +-+-+-+-+-+-+-+-+ + | Status | + +-+-+-+-+-+-+-+-+ + + Type: 60 for Status + + Length: 1 + + Status: The Status field indicates the reason for an LWAPP failure. 
+ The following values are supported: + + + + + + + + + +Calhoun, et al. Historic [Page 44] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + 1 - Reserved - do not use + + 2 - Resource Depletion + + 3 - Unknown Source + + 4 - Incorrect Data + +6.2.3. Certificate + + The Certificate message element is defined in Section 6.1.6. Note + this message element is only included if the WTP and the AC make use + of certificate-based security as defined in Section 10. + +6.2.4. WTP Manager Data IPv4 Address + + The WTP Manager Data IPv4 Address message element is optionally sent + by the AC to the WTP during the join phase. If present, the IP + Address contained in this message element is the address the WTP is + to use when sending any of its LWAPP data frames. + + Note that this message element is only valid when LWAPP uses the + IP/UDP Layer 3 transport. + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | IP Address | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 138 for WTP Manager Data IPv4 Address + + Length: 4 + + IP Address: The IP address of an interface. + +6.2.5. WTP Manager Data IPv6 Address + + The WTP Manager Data IPv6 Address message element is optionally sent + by the AC to the WTP during the join phase. If present, the IP + Address contained in this message element is the address the WTP is + to use when sending any of its LWAPP data frames. + + Note that this message element is only valid when LWAPP uses the + IP/UDP Layer 3 transport. + + + + + + +Calhoun, et al. 
Historic [Page 45] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | IP Address | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | IP Address | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | IP Address | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | IP Address | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 139 for WTP Manager Data IPv6 Address + + Length: 4 + + IP Address: The IP address of an interface. + +6.2.6. AC IPv4 List + + The AC List message element is used to configure a WTP with the + latest list of ACs in a cluster. This message element MUST be + included if the Join Response returns a failure indicating that the + AC cannot handle the WTP at this time, allowing the WTP to find an + alternate AC to which to connect. + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | AC IP Address[] | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 59 for AC List + + Length: >= 4 + + AC IP Address: An array of 32-bit integers containing an AC's IPv4 + Address. + +6.2.7. AC IPv6 List + + The AC List message element is used to configure a WTP with the + latest list of ACs in a cluster. This message element MUST be + included if the Join Response returns a failure indicating that the + AC cannot handle the WTP at this time, allowing the WTP to find an + alternate AC to which to connect. + + + + + +Calhoun, et al. 
Historic [Page 46] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | AC IP Address[] | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | AC IP Address[] | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | AC IP Address[] | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | AC IP Address[] | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 141 for AC List + + Length: >= 4 + + AC IP Address: An array of 32-bit integers containing an AC's IPv6 + Address. + +6.2.8. ANonce + + The ANonce message element is sent by an AC during the join or rekey + phase. The contents of the ANonce are encrypted as described in + Section 10 for more information. + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Nonce | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Nonce | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Nonce | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Nonce | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 108 for ANonce + + Length: 16 + + Nonce: An encrypted, 16-octet random nonce. + + + + + + + + + +Calhoun, et al. Historic [Page 47] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + +6.2.9. PSK-MIC + + The PSK-MIC message element includes a message integrity check, whose + purpose is to provide confirmation to the peer that the sender has + the proper session key. This message element is only included if the + security method used between the WTP and the AC is the pre-shared + secret mechanism. See Section 10 for more information. 
+ + When present, the PSK-MIC message element MUST be the last message + element in the message. The MIC is computed over the complete LWAPP + packet, from the LWAPP control header as defined in Section 4.2.1 to + the end of the packet (which MUST be this PSK-MIC message element). + The MIC field in this message element and the Sequence Number field + in the LWAPP control header MUST be set to zeroes prior to computing + the MIC. The length field in the LWAPP control header must already + include this message element prior to computing the MIC. + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | SPI | MIC ... + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 109 for PSK-MIC + + Length: > 1 + + SPI: The Security Parameter Index (SPI) field specifies the + cryptographic algorithm used to create the message integrity + check. The following values are supported: + + 0 - Unused + + 1 - HMAC-SHA-1 (RFC 2104 [15]) + + MIC: A 20-octet Message Integrity Check. + +6.3. Join ACK + + The Join ACK message is sent by the WTP upon receiving a Join + Response, which has a valid PSK-MIC message element, as a means of + providing key confirmation to the AC. The Join ACK is only used in + the case where the WTP makes use of the pre-shared key LWAPP mode + (see Section 10 for more information). + + Note that the AC should never receive this message unless the + security method used between the WTP and the AC is pre-shared-secret- + based. + + + +Calhoun, et al. Historic [Page 48] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + The following subsections define the message elements that MUST be + included in this LWAPP operation. + +6.3.1. Session ID + + The Session ID message element is defined in Section 6.1.7. + +6.3.2. WNonce + + The WNonce message element is sent by a WTP during the join or rekey + phase. 
The contents of the ANonce are encrypted as described in + Section 10 for more information. + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Nonce | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Nonce | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Nonce | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Nonce | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 107 for WNonce + + Length: 16 + + Nonce: An encrypted, 16-octet random nonce. + +6.3.3. PSK-MIC + + The PSK-MIC message element is defined in Section 6.2.9. + +6.4. Join Confirm + + The Join Confirm message is sent by the AC upon receiving a Join ACK, + which has a valid PSK-MIC message element, as a means of providing + key confirmation to the WTP. The Join Confirm is only used in the + case where the WTP makes use of the pre-shared key LWAPP mode (see + Section 10 for more information). + + If the security method used is pre-shared-key-based, when a WTP + receives a Join Confirm, it enters the Joined state and initiates + either a Configure Request or Image Data to the AC to which it is now + + + + + +Calhoun, et al. Historic [Page 49] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + joined. Upon entering the Joined state, the WTP begins timing an + interval equal to NeighborDeadInterval. Expiration of the timer will + result in the transmission of the Echo Request. + + This message is never received, or sent, when the security type used + between the WTP and the AC is certificated-based. + + The following subsections define the message elements that MUST be + included in this LWAPP operation. + +6.4.1. Session ID + + The Session ID message element is defined in Section 6.1.7. + +6.4.2. PSK-MIC + + The PSK-MIC message element is defined in Section 6.2.9. + +6.5. 
Echo Request + + The Echo Request message is a keepalive mechanism for the LWAPP + control message. + + Echo Requests are sent periodically by a WTP in the Run state (see + Figure 2) to determine the state of the connection between the WTP + and the AC. The Echo Request is sent by the WTP when the Heartbeat + timer expires, and it MUST start its NeighborDeadInterval timer. + + The Echo Request carries no message elements. + + When an AC receives an Echo Request, it responds with an Echo + Response. + +6.6. Echo Response + + The Echo Response acknowledges the Echo Request, and is only accepted + while in the Run state (see Figure 2). + + Echo Responses are sent by an AC after receiving an Echo Request. + After transmitting the Echo Response, the AC should reset its + Heartbeat timer to expire in the value configured for EchoInterval. + If another Echo request is not received by the AC when the timer + expires, the AC SHOULD consider the WTP to no longer be reachable. + + The Echo Response carries no message elements. + + + + + + +Calhoun, et al. Historic [Page 50] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + When a WTP receives an Echo Response it stops the + NeighborDeadInterval timer, and starts the Heartbeat timer to + EchoInterval. + + If the NeighborDeadInterval timer expires prior to receiving an Echo + Response, the WTP enters the Idle state. + +6.7. Key Update Request + + The Key Update Request is used by the WTP to initiate the rekeying + phase. This message is sent by a WTP when in the Run state and MUST + include a new unique Session Identifier. This message MUST also + include a unique nonce in the XNonce message element, which is used + to protect against replay attacks (see Section 10). + + The following subsections define the message elements that MUST be + included in this LWAPP operation. + +6.7.1. Session ID + + The Session ID message element is defined in Section 6.1.7. + +6.7.2. 
XNonce + + The XNonce message element is defined in Section 6.1.9. + +6.8. Key Update Response + + The Key Update Response is sent by the AC in response to the request + message, and includes an encrypted ANonce, which is used to derive + new session keys. This message MUST include a Session Identifier + message element, whose value MUST be identical to the one found in + the Key Update Request. + + The AC MUST include a PSK-MIC message element, which provides message + integrity over the whole message. + + The following subsections define the message elements that MUST be + included in this LWAPP operation. + +6.8.1. Session ID + + The Session ID message element is defined in Section 6.1.7. + +6.8.2. ANonce + + The ANonce message element is defined in Section 6.2.8. + + + + +Calhoun, et al. Historic [Page 51] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + +6.8.3. PSK-MIC + + The PSK-MIC message element is defined in Section 6.2.9. + +6.9. Key Update ACK + + The Key Update ACK is sent by the WTP and includes an encrypted + version of the WTP's nonce, which is used in the key derivation + process. The session keys derived are then used as new LWAPP control + message encryption keys (see Section 10). + + The WTP MUST include a PSK-MIC message element, which provides + message integrity over the whole message. + + The following subsections define the message elements that MUST be + included in this LWAPP operation. + +6.9.1. WNonce + + The WNonce message element is defined in Section 6.3.2. + +6.9.2. PSK-MIC + + The PSK-MIC message element is defined in Section 6.2.9. + +6.10. Key Update Confirm + + The Key Update Confirm closes the rekeying loop, and allows the WTP + to recognize that the AC has received and processed the Key Update + messages. 
At this point, the WTP updates its session key in its + crypto engine, and the associated Initialization Vector, ensuring + that all future LWAPP control frames are encrypted with the newly + derived encryption key. + + The WTP MUST include a PSK-MIC message element, which provides + message integrity over the whole message. + + The following subsections define the message elements that MUST be + included in this LWAPP operation. + +6.10.1. PSK-MIC + + The PSK-MIC message element is defined in Section 6.2.9. + +6.11. Key Update Trigger + + The Key Update Trigger is used by the AC to request that a Key Update + Request be initiated by the WTP. + + + +Calhoun, et al. Historic [Page 52] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + Key Update Triggers are sent by an AC in the Run state to inform the + WTP to initiate a Key Update Request message. + + When a WTP receives a Key Update Trigger, it generates a Key Update + Request. + + The following subsections define the message elements that MUST be + included in this LWAPP operation. + +6.11.1. Session ID + + The Session ID message element is defined in Section 6.1.7. + +7. WTP Configuration Management + + The Wireless Termination Point Configuration messages are used to + exchange configuration between the AC and the WTP. + +7.1. Configuration Consistency + + The LWAPP protocol provides flexibility in how WTP configuration is + managed. To put it simply, a WTP has one of two options: + + 1. The WTP retains no configuration and simply abides by the + configuration provided by the AC. + + 2. The WTP retains the configuration of parameters provided by the AC + that are non-default values. + + If the WTP opts to save configuration locally, the LWAPP protocol + state machine defines the "Configure" state, which is used during the + initial binding WTP-AC phase, which allows for configuration + exchange. 
During this period, the WTP sends its current + configuration overrides to the AC via the Configure Request message. + A configuration override is a parameter that is non-default. One + example is that in the LWAPP protocol, the default antenna + configuration is an internal-omni antenna. However, a WTP that + either has no internal antennas, or has been explicitely configured + by the AC to use external antennas would send its antenna + configuration during the configure phase, allowing the AC to become + aware of the WTP's current configuration. + + Once the WTP has provided its configuration to the AC, the AC sends + down its own configuration. This allows the WTP to inherit the + configuration and policies on the AC. + + + + + + +Calhoun, et al. Historic [Page 53] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + An LWAPP AC maintains a copy of each active WTP's configuration. + There is no need for versioning or other means to identify + configuration changes. If a WTP becomes inactive, the AC MAY delete + the configuration associated with it. If a WTP were to fail, and + connect to a new AC, it would provide its overridden configuration + parameters, allowing the new AC to be aware of the WTP's + configuration. + + As a consequence, this model allows for resiliency, whereby in light + of an AC failure, another AC could provide service to the WTP. In + this scenario, the new AC would be automatically updated on any + possible WTP configuration changes -- eliminating the need for Inter- + AC communication or the need for all ACs to be aware of the + configuration of all WTPs in the network. + + Once the LWAPP protocol enters the Run state, the WTPs begin to + provide service. However, it is quite common for administrators to + require that configuration changes be made while the network is + operational. Therefore, the Configuration Update Request is sent by + the AC to the WTP in order to make these changes at run-time. + +7.2. 
Configure Request + + The Configure Request message is sent by a WTP to send its current + configuration to its AC. + + Configure Requests are sent by a WTP after receiving a Join Response, + while in the Configure state. + + The Configure Request carries binding-specific message elements. + Refer to the appropriate binding for the definition of this + structure. + + When an AC receives a Configure Request, it will act upon the content + of the packet and respond to the WTP with a Configure Response. + + The Configure Request includes multiple Administrative State message + elements. There is one such message element for the WTP, and then + one per radio in the WTP. + + The following subsections define the message elements that MUST be + included in this LWAPP operation. + +7.2.1. Administrative State + + The Administrative Event message element is used to communicate the + state of a particular radio. The value contains the following + fields. + + + +Calhoun, et al. Historic [Page 54] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + 0 1 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Radio ID | Admin State | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 27 for Administrative State + + Length: 2 + + Radio ID: An 8-bit value representing the radio to configure. The + Radio ID field may also include the value of 0xff, which is used + to identify the WTP itself. Therefore, if an AC wishes to change + the administrative state of a WTP, it would include 0xff in the + Radio ID field. + + Admin State: An 8-bit value representing the administrative state + of the radio. The following values are supported: + + 1 - Enabled + + 2 - Disabled + +7.2.2. AC Name + + The AC Name message element is defined in Section 5.2.3. + +7.2.3. AC Name with Index + + The AC Name with Index message element is sent by the AC to the WTP + to configure preferred ACs. 
The number of instances where this + message element would be present is equal to the number of ACs + configured on the WTP. + + 0 1 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Index | AC Name... + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 90 for AC Name with Index + + Length: 5 + + Index: The index of the preferred server (e.g., 1=primary, + 2=secondary). + + AC Name: A variable-length ASCII string containing the AC's name. + + + +Calhoun, et al. Historic [Page 55] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + +7.2.4. WTP Board Data + + The WTP Board Data message element is sent by the WTP to the AC and + contains information about the hardware present. + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Card ID | Card Revision | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | WTP Model | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | WTP Model | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | WTP Serial Number ... | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Reserved | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Ethernet MAC Address | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Ethernet MAC Address | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 50 for WTP Board Data + + Length: 26 + + Card ID: A hardware identifier. + + Card Revision: 4-byte Revision of the card. + + WTP Model: 8-byte WTP Model Number. + + WTP Serial Number: 24-byte WTP Serial Number. + + Reserved: A 4-byte reserved field that MUST be set to zero (0). + + Ethernet MAC Address: MAC address of the WTP's Ethernet interface. + +7.2.5. Statistics Timer + + The Statistics Timer message element value is used by the AC to + inform the WTP of the frequency that it expects to receive updated + statistics. 
+ + + + + + + +Calhoun, et al. Historic [Page 56] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + 0 1 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Statistics Timer | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 37 for Statistics Timer + + Length: 2 + + Statistics Timer: A 16-bit unsigned integer indicating the time, in + seconds. + +7.2.6. WTP Static IP Address Information + + The WTP Static IP Address Information message element is used by an + AC to configure or clear a previously configured static IP address on + a WTP. + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | IP Address | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Netmask | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Gateway | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Static | + +-+-+-+-+-+-+-+-+ + + Type: 82 for WTP Static IP Address Information + + Length: 13 + + IP Address: The IP address to assign to the WTP. + + Netmask: The IP Netmask. + + Gateway: The IP address of the gateway. + + Netmask: The IP Netmask. + + Static: An 8-bit Boolean stating whether or not the WTP should use + a static IP address. A value of zero disables the static IP + address, while a value of one enables it. + + + + + +Calhoun, et al. Historic [Page 57] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + +7.2.7. WTP Reboot Statistics + + The WTP Reboot Statistics message element is sent by the WTP to the + AC to communicate information about reasons why reboots have + occurred. 
+ + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Crash Count | LWAPP Initiated Count | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Link Failure Count | Failure Type | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 67 for WTP Reboot Statistics + + Length: 7 + + Crash Count: The number of reboots that have occurred due to a WTP + crash. + + LWAPP Initiated Count: The number of reboots that have occurred at + the request of some LWAPP message, such as a change in + configuration that required a reboot or an explicit LWAPP reset + request. + + Link Failure Count: The number of times that an LWAPP connection + with an AC has failed. + + Failure Type: The last WTP failure. The following values are + supported: + + 0 - Link Failure + + 1 - LWAPP Initiated + + 2 - WTP Crash + +7.3. Configure Response + + The Configure Response message is sent by an AC and provides an + opportunity for the AC to override a WTP's requested configuration. + + Configure Responses are sent by an AC after receiving a Configure + Request. + + + + + + +Calhoun, et al. Historic [Page 58] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + The Configure Response carries binding-specific message elements. + Refer to the appropriate binding for the definition of this + structure. + + When a WTP receives a Configure Response, it acts upon the content of + the packet, as appropriate. If the Configure Response message + includes a Change State Event message element that causes a change in + the operational state of one of the Radios, the WTP will transmit a + Change State Event to the AC as an acknowledgement of the change in + state. + + The following subsections define the message elements that MUST be + included in this LWAPP operation. + +7.3.1. 
Decryption Error Report Period + + The Decryption Error Report Period message element value is used by + the AC to inform the WTP of how frequently it should send decryption + error report messages. + + 0 1 2 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Radio ID | Report Interval | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 38 for Decryption Error Report Period + + Length: 3 + + Radio ID: The Radio Identifier: typically refers to some interface + index on the WTP. + + Report Interval: A 16-bit, unsigned integer indicating the time, in + seconds. + +7.3.2. Change State Event + + The WTP Radio Information message element is used to communicate the + operational state of a radio. The value contains two fields, as + shown. + + 0 1 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Radio ID | State | Cause | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + + + +Calhoun, et al. Historic [Page 59] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + Type: 26 for Change State Event + + Length: 3 + + Radio ID: The Radio Identifier: typically refers to some interface + index on the WTP. + + State: An 8-bit Boolean value representing the state of the radio. + A value of one disables the radio, while a value of two enables + it. + + Cause: In the event of a radio being inoperable, the Cause field + would contain the reason the radio is out of service. The + following values are supported: + + 0 - Normal + + 1 - Radio Failure + + 2 - Software Failure + +7.3.3. LWAPP Timers + + The LWAPP Timers message element is used by an AC to configure LWAPP + timers on a WTP. 
+ + 0 1 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Discovery | Echo Request | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 68 for LWAPP Timers + + Length: 2 + + Discovery: The number of seconds between LWAPP Discovery packets + when the WTP is in the discovery mode. + + Echo Request: The number of seconds between WTP Echo Request LWAPP + messages. + +7.3.4. AC IPv4 List + + The AC List message element is defined in Section 6.2.6. + + + + + + +Calhoun, et al. Historic [Page 60] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + +7.3.5. AC IPv6 List + + The AC List message element is defined in Section 6.2.7. + +7.3.6. WTP Fallback + + The WTP Fallback message element is sent by the AC to the WTP to + enable or disable automatic LWAPP fallback in the event that a WTP + detects its preferred AC, and is not currently connected to it. + + 0 + 0 1 2 3 4 5 6 7 + +-+-+-+-+-+-+-+-+ + | Mode | + +-+-+-+-+-+-+-+-+ + + Type: 91 for WTP Fallback + + Length: 1 + + Mode: The 8-bit Boolean value indicates the status of automatic + LWAPP fallback on the WTP. A value of zero disables the fallback + feature, while a value of one enables it. When enabled, if the + WTP detects that its primary AC is available, and it is not + connected to it, it SHOULD automatically disconnect from its + current AC and reconnect to its primary. If disabled, the WTP + will only reconnect to its primary through manual intervention + (e.g., through the Reset Request command). + +7.3.7. Idle Timeout + + The Idle Timeout message element is sent by the AC to the WTP to + provide it with the idle timeout that it should enforce on its active + mobile station entries. 
+ + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Timeout | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 97 for Idle Timeout + + Length: 4 + + Timeout: The current idle timeout to be enforced by the WTP. + + + + + +Calhoun, et al. Historic [Page 61] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + +7.4. Configuration Update Request + + Configure Update Requests are sent by the AC to provision the WTP + while in the Run state. This is used to modify the configuration of + the WTP while it is operational. + + When an AC receives a Configuration Update Request it will respond + with a Configuration Update Response, with the appropriate Result + Code. + + The following subsections define the message elements introduced by + this LWAPP operation. + +7.4.1. WTP Name + + The WTP Name message element is defined in Section 6.1.3. + +7.4.2. Change State Event + + The Change State Event message element is defined in Section 7.3.2. + +7.4.3. Administrative State + + The Administrative State message element is defined in Section 7.2.1. + +7.4.4. Statistics Timer + + The Statistics Timer message element is defined in Section 7.2.5. + +7.4.5. Location Data + + The Location Data message element is defined in Section 6.1.4. + +7.4.6. Decryption Error Report Period + + The Decryption Error Report Period message element is defined in + Section 7.3.1. + +7.4.7. AC IPv4 List + + The AC List message element is defined in Section 6.2.6. + +7.4.8. AC IPv6 List + + The AC List message element is defined in Section 6.2.7. + + + + + + +Calhoun, et al. Historic [Page 62] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + +7.4.9. 
Add Blacklist Entry + + The Add Blacklist Entry message element is used by an AC to add a + blacklist entry on a WTP, ensuring that the WTP no longer provides + any service to the MAC addresses provided in the message. The MAC + addresses provided in this message element are not expected to be + saved in non-volative memory on the WTP. + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Num of Entries| MAC Address[] | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | MAC Address[] | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 65 for Add Blacklist Entry + + Length: >= 7 + + Num of Entries: The number of MAC addresses in the array. + + MAC Address: An array of MAC addresses to add to the blacklist + entry. + +7.4.10. Delete Blacklist Entry + + The Delete Blacklist Entry message element is used by an AC to delete + a previously added blacklist entry on a WTP, ensuring that the WTP + provides service to the MAC addresses provided in the message. + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Num of Entries| MAC Address[] | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | MAC Address[] | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 66 for Delete Blacklist Entry + + Length: >= 7 + + Num of Entries: The number of MAC addresses in the array. + + MAC Address: An array of MAC addresses to delete from the blacklist + entry. + + + + +Calhoun, et al. Historic [Page 63] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + +7.4.11. Add Static Blacklist Entry + + The Add Static Blacklist Entry message element is used by an AC to + add a permanent Blacklist Entry on a WTP, ensuring that the WTP no + longer provides any service to the MAC addresses provided in the + message. 
The MAC addresses provided in this message element are + expected to be saved in non-volative memory on the WTP. + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Num of Entries| MAC Address[] | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | MAC Address[] | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 70 for Delete Blacklist Entry + + Length: >= 7 + + Num of Entries: The number of MAC addresses in the array. + + MAC Address: An array of MAC addresses to add to the permanent + blacklist entry. + +7.4.12. Delete Static Blacklist Entry + + The Delete Static Blacklist Entry message element is used by an AC to + delete a previously added static blacklist entry on a WTP, ensuring + that the WTP provides service to the MAC addresses provided in the + message. + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Num of Entries| MAC Address[] | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | MAC Address[] | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 71 for Delete Blacklist Entry + + Length: >= 7 + + Num of Entries: The number of MAC addresses in the array. + + MAC Address: An array of MAC addresses to delete from the static + blacklist entry. + + + +Calhoun, et al. Historic [Page 64] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + +7.4.13. LWAPP Timers + + The LWAPP Timers message element is defined in Section 7.3.3. + +7.4.14. AC Name with Index + + The AC Name with Index message element is defined in Section 7.2.3. + +7.4.15. WTP Fallback + + The WTP Fallback message element is defined in Section 7.3.6. + +7.4.16. Idle Timeout + + The Idle Timeout message element is defined in Section 7.3.7. + +7.5. 
Configuration Update Response + + The Configuration Update Response is the acknowledgement message for + the Configuration Update Request. + + Configuration Update Responses are sent by a WTP after receiving a + Configuration Update Request. + + When an AC receives a Configure Update Response, the result code + indicates if the WTP successfully accepted the configuration. + + The following subsections define the message elements that must be + present in this LWAPP operation. + +7.5.1. Result Code + + The Result Code message element is defined in Section 6.2.1. + +7.6. Change State Event Request + + The Change State Event is used by the WTP to inform the AC of a + change in the operational state. + + The Change State Event message is sent by the WTP when it receives a + Configuration Response that includes a Change State Event message + element. It is also sent in the event that the WTP detects an + operational failure with a radio. The Change State Event may be sent + in either the Configure or Run state (see Figure 2). + + When an AC receives a Change State Event it will respond with a + Change State Event Response and make any necessary modifications to + internal WTP data structures. + + + +Calhoun, et al. Historic [Page 65] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + The following subsections define the message elements that must be + present in this LWAPP operation. + +7.6.1. Change State Event + + The Change State Event message element is defined in Section 7.3.2. + +7.7. Change State Event Response + + The Change State Event Response acknowledges the Change State Event. + + Change State Event Responses are sent by a WTP after receiving a + Change State Event. + + The Change State Event Response carries no message elements. Its + purpose is to acknowledge the receipt of the Change State Event. + + The WTP does not need to perform any special processing of the Change + State Event Response message. + +7.8. 
Clear Config Indication + + The Clear Config Indication is used to reset a WTP's configuration. + + The Clear Config Indication is sent by an AC to request that a WTP + reset its configuration to manufacturing defaults. The Clear Config + Indication message is sent while in the Run LWAPP state. + + The Reset Request carries no message elements. + + When a WTP receives a Clear Config Indication, it will reset its + configuration to manufacturing defaults. + +8. Device Management Operations + + This section defines LWAPP operations responsible for debugging, + gathering statistics, logging, and firmware management. + +8.1. Image Data Request + + The Image Data Request is used to update firmware on the WTP. This + message and its companion response are used by the AC to ensure that + the image being run on each WTP is appropriate. + + Image Data Requests are exchanged between the WTP and the AC to + download a new program image to a WTP. + + When a WTP or AC receives an Image Data Request, it will respond with + + + +Calhoun, et al. Historic [Page 66] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + an Image Data Response. + + The format of the Image Data and Image Download message elements are + described in the following subsections. + +8.1.1. Image Download + + The Image Download message element is sent by the WTP to the AC and + contains the image filename. The value is a variable-length byte + string. The string is NOT zero terminated. + +8.1.2. Image Data + + The Image Data message element is present when sent by the AC and + contains the following fields. + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Opcode | Checksum | Image Data | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Image Data ... 
| + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 33 for Image Data + + Length: >= 5 + + Opcode: An 8-bit value representing the transfer opcode. The + following values are supported: + + 3 - Image Data is included. + + 5 - An error occurred. Transfer is aborted. + + Checksum: A 16-bit value containing a checksum of the Image Data + that follows. + + Image Data: The Image Data field contains 1024 characters, unless + the payload being sent is the last one (end of file). + + + + + + + + + + + +Calhoun, et al. Historic [Page 67] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + +8.2. Image Data Response + + The Image Data Response acknowledges the Image Data Request. + + An Image Data Responses is sent in response to an Image Data Request. + Its purpose is to acknowledge the receipt of the Image Data Request + packet. + + The Image Data Response carries no message elements. + + No action is necessary on receipt. + +8.3. Reset Request + + The Reset Request is used to cause a WTP to reboot. + + Reset Requests are sent by an AC to cause a WTP to reinitialize its + operation. + + The Reset Request carries no message elements. + + When a WTP receives a Reset Request it will respond with a Reset + Response and then reinitialize itself. + +8.4. Reset Response + + The Reset Response acknowledges the Reset Request. + + Reset Responses are sent by a WTP after receiving a Reset Request. + + The Reset Response carries no message elements. Its purpose is to + acknowledge the receipt of the Reset Request. + + When an AC receives a Reset Response, it is notified that the WTP + will now reinitialize its operation. + +8.5. WTP Event Request + + The WTP Event Request is used by a WTP to send information to its AC. + These types of events may be periodical, or some asynchronous event + on the WTP. For instance, a WTP collects statistics and uses the WTP + Event Request to transmit this information to the AC. 
+ + When an AC receives a WTP Event Request, it will respond with a WTP + Event Request. + + + + + + +Calhoun, et al. Historic [Page 68] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + The WTP Event Request message MUST contain one of the following + message element described in the next subsections, or a message + element that is defined for a specific technology. + +8.5.1. Decryption Error Report + + The Decryption Error Report message element value is used by the WTP + to inform the AC of decryption errors that have occurred since the + last report. + + 0 1 2 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Radio ID |Num Of Entries | Mobile MAC Address | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Mobile MAC Address[] | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 39 for Decryption Error Report + + Length: >= 8 + + Radio ID: The Radio Identifier, typically refers to some interface + index on the WTP. + + Num Of Entries: An 8-bit unsigned integer indicating the number of + mobile MAC addresses. + + Mobile MAC Address: An array of mobile station MAC addresses that + have caused decryption errors. + +8.5.2. Duplicate IPv4 Address + + The Duplicate IPv4 Address message element is used by a WTP to inform + an AC that it has detected another host using the same IP address it + is currently using. + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | IP Address | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | MAC Address | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | MAC Address | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 77 for Duplicate IPv4 Address + + + +Calhoun, et al. 
Historic [Page 69] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + Length: 10 + + IP Address: The IP address currently used by the WTP. + + MAC Address: The MAC address of the offending device. + +8.5.3. Duplicate IPv6 Address + + The Duplicate IPv6 Address message element is used by a WTP to inform + an AC that it has detected another host using the same IP address it + is currently using. + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | IP Address | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | IP Address | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | IP Address | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | IP Address | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | MAC Address | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | MAC Address | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 77 for Duplicate IPv6 Address + + Length: 10 + + IP Address: The IP address currently used by the WTP. + + MAC Address: The MAC address of the offending device. + +8.6. WTP Event Response + + The WTP Event Response acknowledges the WTP Event Request. + + WTP Event Responses are sent by an AC after receiving a WTP Event + Request. + + The WTP Event Response carries no message elements. + + + + + + + +Calhoun, et al. Historic [Page 70] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + +8.7. Data Transfer Request + + The Data Transfer Request is used to upload debug information from + the WTP to the AC. + + Data Transfer Requests are sent by the WTP to the AC when it + determines that it has important information to send to the AC. For + instance, if the WTP detects that its previous reboot was caused by a + system crash, it would want to send the crash file to the AC. 
The + remote debugger function in the WTP also uses the Data Transfer + Request in order to send console output to the AC for debugging + purposes. + + When an AC receives a Data Transfer Request, it will respond with a + Data Transfer Response. The AC may log the information received as + it sees fit. + + The Data Transfer Request message MUST contain ONE of the following + message element described in the next subsection. + +8.7.1. Data Transfer Mode + + The Data Transfer Mode message element is used by the AC to request + information from the WTP for debugging purposes. + + 0 + 0 1 2 3 4 5 6 7 + +-+-+-+-+-+-+-+-+ + | Data Type | + +-+-+-+-+-+-+-+-+ + + Type: 52 for Data Transfer Mode + + Length: 1 + + Data Type: An 8-bit value describing the type of information being + requested. The following values are supported: + + 1 - WTP Crash Data + + 2 - WTP Memory Dump + +8.7.2. Data Transfer Data + + The Data Transfer Data message element is used by the WTP to provide + information to the AC for debugging purposes. + + + + + +Calhoun, et al. Historic [Page 71] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Data Type | Data Length | Data .... + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 53 for Data Transfer Data + + Length: >= 3 + + Data Type: An 8-bit value describing the type of information being + sent. The following values are supported: + + 1 - WTP Crash Data + + 2 - WTP Memory Dump + + Data Length: Length of data field. + + Data: Debug information. + +8.8. Data Transfer Response + + The Data Transfer Response acknowledges the Data Transfer Request. + + A Data Transfer Response is sent in response to a Data Transfer + Request. Its purpose is to acknowledge the receipt of the Data + Transfer Request packet. + + The Data Transfer Response carries no message elements. 
+ + Upon receipt of a Data Transfer Response, the WTP transmits more + information, if any is available. + +9. Mobile Session Management + + Messages in this section are used by the AC to create, modify, or + delete mobile station session state on the WTPs. + +9.1. Mobile Config Request + + The Mobile Config Request message is used to create, modify, or + delete mobile session state on a WTP. The message is sent by the AC + to the WTP, and may contain one or more message elements. The + + + + + + + +Calhoun, et al. Historic [Page 72] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + message elements for this LWAPP control message include information + that is generally highly technology-specific. Therefore, please + refer to the appropriate binding section or document for the + definitions of the messages elements that may be used in this control + message. + + This section defines the format of the Delete Mobile message element, + since it does not contain any technology-specific information. + +9.1.1. Delete Mobile + + The Delete Mobile message element is used by the AC to inform a WTP + that it should no longer provide service to a particular mobile + station. The WTP must terminate service immediately upon receiving + this message element. + + The transmission of a Delete Mobile message element could occur for + various reasons, including administrative reasons, as a result of the + fact that the mobile has roamed to another WTP, etc. + + Once access has been terminated for a given station, any future + packets received from the mobile must result in a deauthenticate + message, as specified in [6]. 
+ + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Radio ID | MAC Address | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | MAC Address | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 30 for Delete Mobile + + Length: 7 + + Radio ID: An 8-bit value representing the radio + + MAC Address: The mobile station's MAC address + +9.2. Mobile Config Response + + The Mobile Configuration Response is used to acknowledge a previously + received Mobile Configuration Request, and includes a Result Code + message element that indicates whether an error occurred on the WTP. + + This message requires no special processing and is only used to + acknowledge the Mobile Configuration Request. + + + +Calhoun, et al. Historic [Page 73] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + The Data Transfer Request message MUST contain the message elements + described in the next subsection. + +9.2.1. Result Code + + The Result Code message element is defined in Section 6.2.1. + +10. LWAPP Security + + Note: This version only defines a certificate and a shared-secret- + based mechanism to secure control LWAPP traffic exchanged between the + WTP and the AC. + +10.1. Securing WTP-AC Communications + + While it is generally straightforward to produce network + installations in which the communications medium between the WTP and + AC is not accessible to the casual user (e.g., these LAN segments are + isolated, and no RJ45 or other access ports exist between the WTP and + the AC), this will not always be the case. Furthermore, a determined + attacker may resort to various, more sophisticated monitoring and/or + access techniques, thereby compromising the integrity of this + connection. + + In general, a certain level of threat on the local (wired) LAN is + expected and accepted in most computing environments. 
That is, it is + expected that in order to provide users with an acceptable level of + service and maintain reasonable productivity levels, a certain amount + of risk must be tolerated. It is generally believed that a certain + perimeter is maintained around such LANs, that an attacker must have + access to the building(s) in which such LANs exist, and that they + must be able to "plug in" to the LAN in order to access the network. + + With these things in mind, we can begin to assess the general + security requirements for AC-WTP communications. While an in-depth + security analysis of threats and risks to these communications is + beyond the scope of this document, some discussion of the motivation + for various security-related design choices is useful. The + assumptions driving the security design thus far include the + following: + + o WTP-AC communications take place over a wired connection that may + be accessible to a sophisticated attacker. + + o access to this connection is not trivial for an outsider (i.e., + someone who does not "belong" in the building) to access. + + + + + +Calhoun, et al. Historic [Page 74] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + o if authentication and/or privacy of end-to-end traffic for which + the WTP and AC are intermediaries is required, this may be + provided via IPsec [14]. + + o privacy and authentication for at least some WTP-AC control + traffic is required (e.g., Wired Equivalent Privacy (WEP) keys for + user sessions, passed from the AC to the WTP). + + o the AC can be trusted to generate strong cryptographic keys. + + The AC-WTP traffic can be considered to consist of two types: data + traffic (e.g., to or from an end user), and control traffic, which is + strictly between the AC and WTP. Since data traffic may be secured + using IPsec (or some other end-to-end security mechanism), we confine + our solution to control traffic. 
The resulting security consists of + two components: an authenticated key exchange and control traffic + security encapsulation. The security encapsulation is accomplished + using AES-CCM, described in [3]. This encapsulation provides for + strong AES-based authentication and encryption [2]. The exchange of + cryptographic keys used for CCM is described below. + +10.2. LWAPP Frame Encryption + + While the LWAPP protocol uses AES-CCM to encrypt control traffic, it + is important to note that not all control frames are encrypted. The + LWAPP discovery and join phase are not encrypted. The Discovery + messages are sent in the clear since there does not exist a security + association between the WTP and the AC during the discovery phase. + The join phase is an authenticated exchange used to negotiate + symmetric session keys (see Section 10.3). + + Once the join phase has been successfully completed, the LWAPP state + machine Figure 2 will move to the Configure state, at which time all + LWAPP control frames are encrypted using AES-CCM. + + Encryption of a control message begins at the Message Element field: + meaning the Msg Type, Seq Num, Msg Element Length, and Session ID + fields are left intact (see Section 4.2.1). + + The AES-CCM 12-byte authentication data is appended to the end of the + message. The authentication data is calculated from the start of the + LWAPP packet and includes the complete LWAPP control header (see + Section 4.2.1). + + + + + + + + +Calhoun, et al. Historic [Page 75] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + The AES-CCM block cipher protocol requires an initialization vector. + The LWAPP protocol requires that the WTP and the AC maintain two + separate IVs, one for transmission and one for reception. The IV + derived during the key exchange phase by both the WTP and the AC is + used as the base for all encrypted packets with a new key. + +10.3. 
Authenticated Key Exchange + + This section describes the key management component of the LWAPP + protocol. There are two modes supported by LWAPP: certificate and + pre-shared key. + +10.3.1. Terminology + + This section details the key management protocol that makes use of + pre-shared secrets. + + The following notations are used throughout this section: + + o PSK - the pre-shared key shared between the WTP and the AC. + + o Kpriv - the private key of a public-private key pair. + + o Kpub - the public key of the pair. + + o SessionID - a randomly generated LWAPP session identifier, + provided by the WTP in the Join Request. + + o E-x{Kpub, M} - RSA encryption of M using X's public key. + + o D-x{Kpriv, C} - RSA decryption of C using X's private key. + + o AES-CMAC(key, packet) - A message integrity check, using AES-CMAC + and key, of the complete LWAPP packet, with the Sequence Number + field and the payload of the PSK-MIC message element set to zero. + + o AES-E(key, plaintext) - Plaintext is encrypted with key, using + AES. + + o AES-D(key, ciphertext) - ciphertext is decrypted with key, using + AES. + + o Certificate-AC - AC's Certificate. + + o Certificate-WTP - WTP's Certificate. + + o WTP-MAC - The WTP's MAC address. + + + + +Calhoun, et al. Historic [Page 76] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + o AC-MAC - The AC's MAC address. + + o RK0 - the root key, which is created through a Key Derivation + Function (KDF) function. + + o RK0E - the root Encryption key, derived from RK0. + + o RK0M - the root MIC key, derived from RK0. + + o SK1 - the session key. + + o SK1C - the session confirmation key, derived from SK. + + o SK1E - the session encryption key, derived from SK. + + o SK1W - the session keywrap key, derived from SK (see RFC 3394 + [9]). + + o WNonce - The WTP's randomly generated nonce. + + o ANonce - The AC's randomly generated nonce. 
+ + o EWNonce - The payload of the WNonce message element, which + includes the WNonce. + + o EANonce - The payload of the ANonce message element, which + includes the ANonce. + +10.3.2. Initial Key Generation + + The AC and WTP accomplish mutual authentication and a cryptographic + key exchange in a dual round trip using the Join Request, Join + Response, Join ACK, and Join Confirm (see Section 6.1). + + The following text describes the exchange between the WTP and the AC + that creates a session key, which is used to secure LWAPP control + messages. + + o The WTP creates a Join Request using the following process: + + o If certificate-based security is used, the WTP adds the + Certificate message element (see Section 6.1.6) with its + contents set to Certificate-WTP. + + o The WTP adds the Session ID message element (see Section 6.1.7) + with the contents set to a randomly generated session + identifier (see RFC 1750 [4]). The WTP MUST save the Session + ID in order to validate the Join Response. + + + +Calhoun, et al. Historic [Page 77] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + o The WTP creates a random nonce, included in the XNonce message + element (see Section 6.1.9). The WTP MUST save the XNonce to + validate the Join Response. + + o The WTP transmits the Join Request to the AC. + + o Upon receiving the Join Request, the AC uses the following + process: + + o The AC creates the Join Response, and ensures that the Session + ID message element matches the value found in the Join Request. + + o If certificate-based security is used, the AC: + + o adds the Certificate-AC to the Certificate message element. + + o creates a random 'AC Nonce' and encrypts it using the + following algorithm E-wtp(Kpub, XNonce XOR 'AC Nonce'). The + encrypted contents are added to the ANonce's message element + payload. 
+ + o If a pre-shared-key-based security is used, the AC: + + o creates RK0 through the following algorithm: RK0 = KDF- + 256{PSK, "LWAPP PSK Top K0" || Session ID || WTP-MAC || AC- + MAC}, where WTP-MAC is the WTP's MAC address in the form + "xx:xx:xx:xx:xx:xx". Similarly, the AC-MAC is an ASCII + encoding of the AC's MAC address, of the form "xx:xx:xx:xx: + xx:xx". The resulting K0 is split into the following: + + o The first 16 octets are known as RK0E, and are used as an + encryption key. + + o The second 16 octets are known as RK0M, and are used for + MIC'ing purposes. + + o The AC creates a random 'AC Nonce' and encrypts it using the + following algorithm: AES-E(RK0E, XNonce XOR 'AC Nonce'). + The encrypted contents are added to the ANonce's message + element payload. + + o The AC adds a MIC to the contents of the Join Response using + AES-CMAC(RK0M, Join Response) and adds the resulting hash to + the PSK-MIC (Section 6.2.9) message element. + + o Upon receiving the Join Response, the WTP uses the following + process: + + + + +Calhoun, et al. Historic [Page 78] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + o If a pre-shared key is used, the WTP authenticates the Join + Response's PSK-MIC message element. If authentication fails, + the packet is dropped. + + o The WTP decrypts the ANonce message element and XOR's the value + with XNonce to retrieve the 'AC Nonce'. The ANonce payload is + referred to as ciphertext below: + + o If a pre-shared key is used, use AES-D(RK0E, ciphertext). + The 'AC Nonce' is then recovered using XNonce XOR plaintext. + + o If certificates are used, use d-wtp(Kpriv, ciphertext). The + 'AC Nonce' is then recovered using XNonce XOR plaintext. + + o The WTP creates a random 'WTP Nonce'. + + o The WTP uses the KDF function to create a 64-octet session key + (SK). The KDF function used is as follows: KDF-512{'WTP Nonce' + || 'AC Nonce', "LWAPP Key Generation", WTP-MAC || AC-MAC}. The + KDF function is defined in [7]. 
+ + o SK is then broken down into three separate session keys with + different purposes: + + o The first 16 octets are known as SK1C, and are used as a + confirmation key. + + o The second 16 octets are known as SK1E, and are as the + encryption key. + + o The third 16 octets are known as SK1D, and are used as the + keywrap key. + + o The fourth 16 octets are known as IV, and are used as the + Initialization Vector during encryption. + + o The WTP creates the Join ACK message. + + o If certificate-based security is used, the AC: + + o encrypts the 'WTP Nonce' using the following algorithm: E- + ac(Kpub, 'WTP Nonce'). The encrypted contents are added to + the WNonce's message element payload. + + o If a pre-shared-key-based security is used, the AC: + + + + + + +Calhoun, et al. Historic [Page 79] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + o encrypts the 'WTP Nonce' using the following algorithm: + AES-E(RK0E, 'WTP Nonce'). The encrypted contents are added + to the WNonce's message element payload. + + o The WTP adds a MIC to the contents of the Join ACK using + AES-CMAC(SK1M, Join ACK) and adds the resulting hash to the + PSK-MIC (Section 6.2.9) message element. + + o The WTP then transmits the Join ACK to the AC. + + o Upon receiving the Join ACK, the AC uses the following process: + + o The AC authenticates the Join ACK through the PSK-MIC message + element. If authentic, the AC decrypts the WNonce message + element to retrieve the 'WTP Nonce'. If the Join ACK cannot be + authenticated, the packet is dropped. + + o The AC decrypts the WNonce message element to retrieve the 'WTP + Nonce'. The WNonce payload is referred to as ciphertext below: + + o If a pre-shared key is used, use AES-D(RK0E, ciphertext). + The plaintext is then considered the 'WTP Nonce'. + + o If certificates are used, use d-ac(Kpriv, ciphertext). The + plaintext is then considered the 'WTP Nonce'. 
+ + o The AC then uses the KDF function to create a 64-octet session + key (SK). The KDF function used is as follows: KDF-512{'WTP + Nonce' || 'AC Nonce', "LWAPP Key Generation", WTP-MAC || + AC-MAC}. The KDF function is defined in [7]. The SK is split + into SK1C, SK1E, SK1D, and IV, as previously noted. + + o The AC creates the Join Confirm. + + o The AC adds a MIC to the contents of the Join Confirm using + AES-CMAC(SK1M, Join Confirm) and adds the resulting hash to the + MIC (Section 6.2.9) message element. + + o The AC then transmits the Join Confirm to the WTP. + + o Upon receiving the Join Confirm, the WTP uses the following + process: + + o The WTP authenticates the Join Confirm through the PSK-MIC + message element. If the Join Confirm cannot be authenticated, + the packet is dropped. + + + + + +Calhoun, et al. Historic [Page 80] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + o SK1E is now plumbed into the AC and WTP's crypto engine as the + AES-CCM LWAPP control encryption session key. Furthermore, the + random IV is used as the base Initialization Vector. From this + point on, all control protocol payloads between the WTP and AC are + encrypted and authenticated using the new session key. + +10.3.3. Refreshing Cryptographic Keys + + Since AC-WTP associations will tend to be relatively long-lived, it + is sensible to periodically refresh the encryption and authentication + keys; this is referred to as "rekeying". When the key lifetime + reaches 95% of the configured value, identified in the KeyLifetime + timer (see Section 12), the rekeying will proceed as follows: + + o The WTP creates RK0 through the previously defined KDF algorithm: + RK0 = KDF-256{SK1D, "LWAPP PSK Top K0" || Session ID || WTP-MAC || + AC-MAC}. Note that the difference in this specific instance is + that SK1D that was previously generated is used instead of the + PSK. Note this is used in both the certificate and pre-shared key + modes. 
The resulting RK0 creates RK0E, RK0M. + + o The remaining steps used are identical to the join process, with + the exception that the rekey messages are used instead of join + messages, and the fact that the messages are encrypted using the + previously created SK1E. This means the Join Request is replaced + with the Rekey Request, the Join Response is replaced with the + Rekey Response, etc. The two differences between the rekey and + the join process are: + + o The Certificate-WTP and Certificate-AC are not included in the + Rekey-Request and Rekey-Response, respectively. + + o Regardless of whether certificates or pre-shared keys were used + in the initial key derivation, the process now uses the pre- + shared key mode only, using SK1D as the "PSK". + + o The Key Update Request is sent to the AC. + + o The newly created SK1E is now plumbed into the AC and WTP's crypto + engine as the AES-CCM LWAPP control encryption session key. + Furthermore, the new random IV is used as the base Initialization + Vector. From this point on, all control protocol payloads between + the WTP and AC are encrypted and authenticated using the new + session key. + + + + + + + +Calhoun, et al. Historic [Page 81] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + If either the WTP or the AC do not receive an expected response by + the time the ResponseTimeout timer expires (see Section 12), the + WTP MUST delete the new and old session information, and reset the + state machine to the Idle state. + + Following a rekey process, both the WTP and the AC keep the + previous encryption for 5-10 seconds in order to be able to + process packets that arrive out of order. + +10.4. Certificate Usage + + Validation of the certificates by the AC and WTP is required so that + only an AC may perform the functions of an AC and that only a WTP may + perform the functions of a WTP. 
This restriction of functions to the + AC or WTP requires that the certificates used by the AC MUST be + distinguishable from the certificate used by the WTP. To accomplish + this differentiation, the x.509v3 certificates MUST include the + Extensions field [10] and MUST include the NetscapeComment [11] + extension. + + For an AC, the value of the NetscapeComment extension MUST be the + string "CAPWAP AC Device Certificate". For a WTP, the value of the + NetscapeComment extension MUST be the string "CAPWAP WTP Device + Certificate". + + Part of the LWAPP certificate validation process includes ensuring + that the proper string is included in the NetscapeComment extension, + and only allowing the LWAPP session to be established if the + extension does not represent the same role as the device validating + the certificate. For instance, a WTP MUST NOT accept a certificate + whose NetscapeComment field is set to "CAPWAP WTP Device + Certificate". + +11. IEEE 802.11 Binding + + This section defines the extensions required for the LWAPP protocol + to be used with the IEEE 802.11 protocol. + +11.1. Division of Labor + + The LWAPP protocol, when used with IEEE 802.11 devices, requires a + specific behavior from the WTP and the AC, specifically in terms of + which 802.11 protocol functions are handled. + + For both the Split and Local MAC approaches, the CAPWAP functions, as + defined in the taxonomy specification, reside in the AC. + + + + + +Calhoun, et al. Historic [Page 82] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + +11.1.1. Split MAC + + This section shows the division of labor between the WTP and the AC + in a Split MAC architecture. Figure 3 shows the clear separation of + functionality among LWAPP components. 
+ + Function Location + Distribution Service AC + Integration Service AC + Beacon Generation WTP + Probe Response WTP + Power Mgmt/Packet Buffering WTP + Fragmentation/Defragmentation WTP + Assoc/Disassoc/Reassoc AC + + 802.11e + Classifying AC + Scheduling WTP/AC + Queuing WTP + + 802.11i + 802.1X/EAP AC + Key Management AC + 802.11 Encryption/Decryption WTP or AC + + Figure 3: Mapping of 802.11 Functions for Split MAC Architecture + + The Distribution and Integration services reside on the AC, and + therefore all user data is tunneled between the WTP and the AC. As + noted above, all real-time 802.11 services, including the control + protocol and the beacon and Probe Response frames, are handled on the + WTP. + + All remaining 802.11 MAC management frames are supported on the AC, + including the Association Request, which allows the AC to be involved + in the access policy enforcement portion of the 802.11 protocol. The + 802.1X and 802.11i key management function are also located on the + AC. + + While the admission control component of 802.11e resides on the AC, + the real-time scheduling and queuing functions are on the WTP. Note + that this does not exclude the AC from providing additional policing + and scheduling functionality. + + Note that in the following figure, the use of '( - )' indicates that + processing of the frames is done on the WTP. + + + + + +Calhoun, et al. 
Historic [Page 83] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + Client WTP AC + + Beacon + <----------------------------- + Probe Request + ----------------------------( - )-------------------------> + Probe Response + <----------------------------- + 802.11 AUTH/Association + <---------------------------------------------------------> + Add Mobile (Clear Text, 802.1X Only) + <-------------------------> + 802.1X Authentication & 802.11i Key Exchange + <---------------------------------------------------------> + Add Mobile (AES-CCMP, PTK=x) + <-------------------------> + 802.11 Action Frames + <---------------------------------------------------------> + 802.11 DATA (1) + <---------------------------( - )-------------------------> + + Figure 4: Split MAC Message Flow + + Figure 4 provides an illustration of the division of labor in a Split + MAC architecture. In this example, a WLAN has been created that is + configured for 802.11i, using AES-CCMP for privacy. The following + process occurs: + + o The WTP generates the 802.11 beacon frames, using information + provided to it through the Add WLAN (see Section 11.8.1.1) message + element. + + o The WTP processes the Probe Request and responds with a + corresponding Probe Response. The problem request is then + forwarded to the AC for optional processing. + + o The WTP forwards the 802.11 Authentication and Association frames + to the AC, which is responsible for responding to the client. + + o Once the association is complete, the AC transmits an LWAPP Add + Mobile Request to the WTP (see Section 11.7.1.1). In the above + example, the WLAN is configured for 802.1X, and therefore the + '802.1X only' policy bit is enabled. 
+ + o If the WTP is providing encryption/decryption services, once the + client has completed the 802.11i key exchange, the AC transmits + another Add Mobile Request to the WTP, stating the security policy + to enforce for the client (in this case AES-CCMP), as well as the + + + +Calhoun, et al. Historic [Page 84] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + encryption key to use. If encryption/decryption is handled in the + AC, the Add Mobile Request would have the encryption policy set to + "Clear Text". + + o The WTP forwards any 802.11 Action frames received to the AC. + + o All client data frames are tunneled between the WTP and the AC. + Note that the WTP is responsible for encrypting and decrypting + frames, if it was indicated in the Add Mobile Request. + +11.1.2. Local MAC + + This section shows the division of labor between the WTP and the AC + in a Local MAC architecture. Figure 5 shows the clear separation of + functionality among LWAPP components. + + Function Location + Distribution Service WTP + Integration Service WTP + Beacon Generation WTP + Probe Response WTP + Power Mgmt/Packet Buffering WTP + Fragmentation/Defragmentation WTP + Assoc/Disassoc/Reassoc WTP + + 802.11e + Classifying WTP + Scheduling WTP + Queuing WTP + + 802.11i + 802.1X/EAP AC + Key Management AC + 802.11 Encryption/Decryption WTP + + Figure 5: Mapping of 802.11 Functions for Local AP Architecture + + Given that Distribution and Integration Services exist on the WTP, + client data frames are not forwarded to the AC, with the exception + listed in the following paragraphs. + + While the MAC is terminated on the WTP, it is necessary for the AC to + be aware of mobility events within the WTPs. As a consequence, the + WTP MUST forward the 802.11 Association Requests to the AC, and the + AC MAY reply with a failed Association Response if it deems it + necessary. + + + + + +Calhoun, et al. 
Historic [Page 85] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + The 802.1X and 802.11i Key Management function resides in the AC. + Therefore, the WTP MUST forward all 802.1X/Key Management frames to + the AC and forward the associated responses to the station. + + Note that in the following figure, the use of '( - )' indicates that + processing of the frames is done on the WTP. + + + Client WTP AC + + Beacon + <----------------------------- + Probe + <----------------------------> + 802.11 AUTH + <----------------------------- + 802.11 Association + <---------------------------( - )-------------------------> + Add Mobile (Clear Text, 802.1X Only) + <-------------------------> + 802.1X Authentication & 802.11i Key Exchange + <---------------------------------------------------------> + 802.11 Action Frames + <---------------------------------------------------------> + Add Mobile (AES-CCMP, PTK=x) + <-------------------------> + 802.11 DATA + <-----------------------------> + + Figure 6: Local MAC Message Flow + + Figure 6 provides an illustration of the division of labor in a Local + MAC architecture. In this example, a WLAN has been created that is + configured for 802.11i, using AES-CCMP for privacy. The following + process occurs: + + o The WTP generates the 802.11 beacon frames, using information + provided to it through the Add WLAN (see Section 11.8.1.1) message + element. + + o The WTP processes the Probe Request and responds with a + corresponding Probe Response. + + o The WTP forwards the 802.11 Authentication and Association frames + to the AC, which is responsible for responding to the client. + + + + + + +Calhoun, et al. Historic [Page 86] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + o Once the association is complete, the AC transmits an LWAPP Add + Mobile Request to the WTP (see Section 11.7.1.1. 
In the above + example, the WLAN is configured for 802.1X, and therefore the + '802.1X only' policy bit is enabled. + + o The WTP forwards all 802.1X and 802.11i key exchange messages to + the AC for processing. + + o The AC transmits another Add Mobile Request to the WTP, stating + the security policy to enforce for the client (in this case, AES- + CCMP), as well as the encryption key to use. The Add Mobile + Request MAY include a VLAN name, which when present is used by the + WTP to identify the VLAN on which the user's data frames are to be + bridged. + + o The WTP forwards any 802.11 Action frames received to the AC. + + o The WTP locally bridges all client data frames, and provides the + necessary encryption and decryption services. + +11.2. Roaming Behavior and 802.11 Security + + It is important that LWAPP implementations react properly to mobile + devices associating to the networks in how they generate Add Mobile + and Delete Mobile messages. This section expands upon the examples + provided in the previous section, and describes how the LWAPP control + protocol is used in order to provide secure roaming. + + Once a client has successfully associated with the network in a + secure fashion, it is likely to attempt to roam to another access + point. Figure 7 shows an example of a currently associated station + moving from its "Old WTP" to a new "WTP". The figure is useful for + multiple different security policies, including standard 802.1X and + dynamic WEP keys, WPA or even WPA2 both with key caching (where the + 802.1x exchange would be bypassed) and without. + + + + + + + + + + + + + + + + +Calhoun, et al. 
Historic [Page 87] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + Client Old WTP WTP AC + + Association Request/Response + <--------------------------------------( - )--------------> + Add Mobile (Clear Text, 802.1X Only) + <----------------> + 802.1X Authentication (if no key cache entry exists) + <--------------------------------------( - )--------------> + 802.11i 4-way Key Exchange + <--------------------------------------( - )--------------> + Delete Mobile + <----------------------------------> + Add Mobile (AES-CCMP, PTK=x) + <----------------> + + Figure 7: Client Roaming Example + +11.3. Transport-Specific Bindings + + All LWAPP transports have the following IEEE 802.11 specific + bindings: + +11.3.1. Status and WLANS Field + + The interpretation of this 16-bit field depends on the direction of + transmission of the packet. Refer to the figure in Section 3.1. + + Status + + When an LWAPP packet is transmitted from a WTP to an AC, this field + is called the Status field and indicates radio resource information + associated with the frame. When the message is an LWAPP control + message this field is transmitted as zero. + + The Status field is divided into the signal strength and signal-to- + noise ratio with which an IEEE 802.11 frame was received, encoded in + the following manner: + + 0 1 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | RSSI | SNR | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + RSSI: RSSI is a signed, 8-bit value. It is the received signal + strength indication, in dBm. + + + + + +Calhoun, et al. Historic [Page 88] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + SNR: SNR is a signed, 8-bit value. It is the signal-to-noise ratio + of the received IEEE 802.11 frame, in dB. + + WLANs field: When an LWAPP data message is transmitted from an AC + to a WTP, this 16-bit field indicates on which WLANs the + encapsulated IEEE 802.11 frame is to be transmitted. 
For unicast + packets, this field is not used by the WTP. For broadcast or + multicast packets, the WTP might require this information if it + provides encryption services. + + Given that a single broadcast or multicast packet might need to be + sent to multiple wireless LANs (presumably each with a different + broadcast key), this field is defined as a bit field. A bit set + indicates a WLAN ID (see Section 11.8.1.1), which will be sent the + data. The WLANS field is encoded in the following manner: + + 0 1 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | WLAN ID(s) | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + +11.4. BSSID to WLAN ID Mapping + + The LWAPP protocol makes assumptions regarding the BSSIDs used on the + WTP. It is a requirement for the WTP to use a contiguous block of + BSSIDs. The WLAN Identifier field, which is managed by the AC, is + used as an offset into the BSSID list. + + For instance, if a WTP had a base BSSID address of 00:01:02:00:00:00, + and the AC sent an Add WLAN message with a WLAN Identifier of 2 (see + Section 11.8.1.1), the BSSID for the specific WLAN on the WTP would + be 00:01:02:00:00:02. + + The WTP communicates the maximum number of BSSIDs that it supports + during the Config Request within the IEEE 802.11 WTP WLAN Radio + Configuration message element (see Section 11.9.1). + +11.5. Quality of Service + + It is recommended that 802.11 MAC management be sent by both the AC + and the WTP with appropriate Quality-of-Service (QoS) values, + ensuring that congestion in the network minimizes occurrences of + packet loss. Therefore, a QoS-enabled LWAPP device should use: + + 802.1P: The precedence value of 6 SHOULD be used for all 802.11 MAC + management messages, except for Probe Requests, which SHOULD use + 4. + + + +Calhoun, et al. 
Historic [Page 89] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + DSCP: The DSCP tag value of 46 SHOULD be used for all 802.11 MAC + management messages, except for Probe Requests, which SHOULD use + 34. + +11.6. Data Message Bindings + + There are no LWAPP data message bindings for IEEE 802.11. + +11.7. Control Message Bindings + + The IEEE 802.11 binding has the following control message + definitions. + +11.7.1. Mobile Config Request + + This section contains the 802.11-specific message elements that are + used with the Mobile Config Request. + +11.7.1.1. Add Mobile + + The Add Mobile Request is used by the AC to inform a WTP that it + should forward traffic from a particular mobile station. The Add + Mobile Request may also include security parameters that must be + enforced by the WTP for the particular mobile. + + When the AC sends an Add Mobile Request, it includes any security + parameters that may be required. An AC that wishes to update a + mobile's policy on a WTP may do so by simply sending a new Add Mobile + message element. + + When a WTP receives an Add Mobile message element, it must first + override any existing state it may have for the mobile station in + question. The latest Add Mobile overrides any previously received + messages. If the Add Mobile message element's EAP-Only bit is set, + the WTP MUST drop all 802.11 packets that do not contain EAP packets. + Note that when EAP Only is set, the Encryption Policy field MAY have + additional values, and therefore it is possible to inform a WTP to + only accept encrypted EAP packets. Once the mobile station has + successfully completed EAP authentication, the AC must send a new Add + Mobile message element to push the session key down to the WTP as + well as to remove the EAP Only restriction. + + If the QoS field is set, the WTP MUST observe and provide policing of + the 802.11e priority tag to ensure that it does not exceed the value + provided by the AC. 
+ + + + + + +Calhoun, et al. Historic [Page 90] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Radio ID | Association ID | MAC Address | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | MAC Address | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | MAC Address |E|C| Encryption Policy | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + |Encrypt Policy | Session Key... | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Pairwise TSC... | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Pairwise RSC... | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Capabilities | WLAN ID | WME Mode | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | 802.11e Mode | Qos | Supported Rates | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Supported Rates | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | VLAN Name... + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 29 for Add Mobile + + Length: 36 + + Radio ID: An 8-bit value representing the radio. + + Association ID: A 16-bit value specifying the 802.11 Association + Identifier. + + MAC Address: The mobile station's MAC address. + + E: The 1-bit field is set by the AC to inform the WTP that it MUST + NOT accept any 802.11 data frames, other than 802.1X frames. This + is the equivalent of the WTP's 802.1X port for the mobile station + to be in the closed state. When set, the WTP MUST drop any + non-802.1X packets it receives from the mobile station. + + C: The 1-bit field is set by the AC to inform the WTP that + encryption services will be provided by the AC. 
When set, the WTP + SHOULD police frames received from stations to ensure that they + comply to the stated encryption policy, but does not need to take + specific cryptographic action on the frame. Similarly, for + transmitted frames, the WTP only needs to forward already + encrypted frames. + + + +Calhoun, et al. Historic [Page 91] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + Encryption Policy: The policy field informs the WTP how to handle + packets from/to the mobile station. The following values are + supported: + + 0 - Encrypt WEP 104: All packets to/from the mobile station must + be encrypted using a standard 104-bit WEP. + + 1 - Clear Text: All packets to/from the mobile station do not + require any additional crypto processing by the WTP. + + 2 - Encrypt WEP 40: All packets to/from the mobile station must + be encrypted using a standard 40-bit WEP. + + 3 - Encrypt WEP 128: All packets to/from the mobile station must + be encrypted using a standard 128-bit WEP. + + 4 - Encrypt AES-CCMP 128: All packets to/from the mobile station + must be encrypted using a 128-bit AES-CCMP [7]. + + 5 - Encrypt TKIP-MIC: All packets to/from the mobile station must + be encrypted using Temporal Key Integrity Protocol (TKIP) and + authenticated using Michael [16]. + + Session Key: A 32-octet session key the WTP is to use when + encrypting traffic to or decrypting traffic from the mobile + station. The type of key is determined based on the Encryption + Policy field. + + Pairwise TSC: The TKIP Sequence Counter (TSC) to use for unicast + packets transmitted to the mobile. + + Pairwise RSC: The Receive Sequence Counter (RSC) to use for unicast + packets received from the mobile. + + Capabilities: A 16-bit field containing the 802.11 capabilities to + use with the mobile. + + WLAN ID: An 8-bit value specifying the WLAN Identifier. + + WME Mode: An 8-bit Boolean used to identify whether the station is + WME capable. 
A value of zero is used to indicate that the station + is not Wireless Multimedia Extension (WME) capable, while a value + of one means that the station is WME capable. + + 802.11e Mode: An 8-bit Boolean used to identify whether the station + is 802.11e-capable. A value of zero is used to indicate that the + station is not 802.11e-capable, while a value of one means that + the station is 802.11e-capable. + + + +Calhoun, et al. Historic [Page 92] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + QoS: An 8-bit value specifying the QoS policy to enforce for the + station. The following values are supported: PRC: TO CHECK + + 0 - Silver (Best Effort) + + 1 - Gold (Video) + + 2 - Platinum (Voice) + + 3 - Bronze (Background) + + Supported Rates: The supported rates to be used with the mobile + station. + + VLAN Name: An optional variable string containing the VLAN Name on + which the WTP is to locally bridge user data. Note that this + field is only valid with Local MAC WTPs. + +11.7.1.2. IEEE 802.11 Mobile Session Key + + The Mobile Session Key Payload message element is sent when the AC + determines that encryption of a mobile station must be performed in + the WTP. This message element MUST NOT be present without the Add + Mobile message element, and MUST NOT be sent if the WTP had not + specifically advertised support for the requested encryption scheme + (see Section 11.7.1.1). + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | MAC Address | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | MAC Address | Encryption Policy | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Encryption Policy | Session Key... | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 105 for IEEE 802.11 Mobile Session Key + + Length: >= 11 + + MAC Address: The mobile station's MAC address. 
+ + Encryption Policy: The policy field informs the WTP how to handle + packets from/to the mobile station. The following values are + supported: + + + + + +Calhoun, et al. Historic [Page 93] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + 0 - Encrypt WEP 104: All packets to/from the mobile station must + be encrypted using a standard 104-bit WEP. + + 1 - Clear Text: All packets to/from the mobile station do not + require any additional crypto processing by the WTP. + + 2 - Encrypt WEP 40: All packets to/from the mobile station must + be encrypted using a standard 40-bit WEP. + + 3 - Encrypt WEP 128: All packets to/from the mobile station must + be encrypted using a standard 128-bit WEP. + + 4 - Encrypt AES-CCMP 128: All packets to/from the mobile station + must be encrypted using a 128-bit AES-CCMP [7]. + + 5 - Encrypt TKIP-MIC: All packets to/from the mobile station must + be encrypted using TKIP and authenticated using Michael [16]. + + Session Key: The session key the WTP is to use when encrypting + traffic to/from the mobile station. + +11.7.1.3. Station QoS Profile + + The Station QoS Profile Payload message element contains the maximum + 802.11e priority tag that may be used by the station. Any packets + received that exceed the value encoded in this message element must + either be dropped or tagged using the maximum value permitted to the + user. The priority tag must be between zero (0) and seven (7). + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | MAC Address | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | MAC Address | 802.1P Precedence Tag | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 140 for IEEE 802.11 Station QoS Profile + + Length: 12 + + MAC Address: The mobile station's MAC address. 
+ + 802.1P Precedence Tag: The maximum 802.1P precedence value that the + WTP will allow in the Traffic Identifier (TID) field in the + extended 802.11e QoS Data header. + + + + + +Calhoun, et al. Historic [Page 94] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + +11.7.1.4. IEEE 802.11 Update Mobile QoS + + The Update Mobile QoS message element is used to change the Quality- + of-Service policy on the WTP for a given mobile station. + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Radio ID | Association ID | MAC Address | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | MAC Address | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | MAC Address | QoS Profile | Vlan Identifier | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | DSCP Tag | 802.1P Tag | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 106 for IEEE 802.11 Update Mobile QoS + + Length: 14 + + Radio ID: The Radio Identifier, typically refers to some interface + index on the WTP. + + Association ID: The 802.11 Association Identifier. + + MAC Address: The mobile station's MAC address. + + QoS Profile: An 8-bit value specifying the QoS policy to enforce + for the station. The following values are supported: + + 0 - Silver (Best Effort) + + 1 - Gold (Video) + + 2 - Platinum (Voice) + + 3 - Bronze (Background) + + VLAN Identifier: PRC. + + DSCP Tag: The DSCP label to use if packets are to be DSCP tagged. + + 802.1P Tag: The 802.1P precedence value to use if packets are to be + 802.1P-tagged. + + + + + + +Calhoun, et al. Historic [Page 95] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + +11.7.2. WTP Event Request + + This section contains the 802.11-specific message elements that are + used with the WTP Event Request message. + +11.7.2.1. 
IEEE 802.11 Statistics + + The Statistics message element is sent by the WTP to transmit its + current statistics. The value contains the following fields: + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Radio ID | Tx Fragment Count | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + |Tx Fragment Cnt| Multicast Tx Count | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Mcast Tx Cnt | Failed Count | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Failed Count | Retry Count | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Retry Count | Multiple Retry Count | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + |Multi Retry Cnt| Frame Duplicate Count | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Frame Dup Cnt | RTS Success Count | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + |RTS Success Cnt| RTS Failure Count | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + |RTS Failure Cnt| ACK Failure Count | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + |ACK Failure Cnt| Rx Fragment Count | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + |Rx Fragment Cnt| Multicast RX Count | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Mcast Rx Cnt | FCS Error Count | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | FCS Error Cnt| Tx Frame Count | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Tx Frame Cnt | Decryption Errors | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + |Decryption Errs| + +-+-+-+-+-+-+-+-+ + + Type: 38 for Statistics + + Length: 57 + + + + +Calhoun, et al. 
Historic [Page 96] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + Radio ID: An 8-bit value representing the radio. + + Tx Fragment Count: A 32-bit value representing the number of + fragmented frames transmitted. + + Multicast Tx Count: A 32-bit value representing the number of + multicast frames transmitted. + + Failed Count: A 32-bit value representing the transmit excessive + retries. + + Retry Count: A 32-bit value representing the number of transmit + retries. + + Multiple Retry Count: A 32-bit value representing the number of + transmits that required more than one retry. + + Frame Duplicate Count: A 32-bit value representing the duplicate + frames received. + + RTS Success Count: A 32-bit value representing the number of + successfully transmitted Ready To Send (RTS). + + RTS Failure Count: A 32-bit value representing the failed + transmitted RTS. + + ACK Failure Count: A 32-bit value representing the number of failed + acknowledgements. + + Rx Fragment Count: A 32-bit value representing the number of + fragmented frames received. + + Multicast RX Count: A 32-bit value representing the number of + multicast frames received. + + FCS Error Count: A 32-bit value representing the number of Frame + Check Sequence (FCS) failures. + + Decryption Errors: A 32-bit value representing the number of + Decryption errors that occurred on the WTP. Note that this field + is only valid in cases where the WTP provides encryption/ + decryption services. + +11.8. 802.11 Control Messages + + This section will define LWAPP control messages that are specific to + the IEEE 802.11 binding. + + + + +Calhoun, et al. Historic [Page 97] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + +11.8.1. IEEE 802.11 WLAN Config Request + + The IEEE 802.11 WLAN Configuration Request is sent by the AC to the + WTP in order to change services provided by the WTP. This control + message is used to either create, update, or delete a WLAN on the + WTP. 
+ + The IEEE 802.11 WLAN Configuration Request is sent as a result of + either some manual administrative process (e.g., deleting a WLAN), or + automatically to create a WLAN on a WTP. When sent automatically to + create a WLAN, this control message is sent after the LWAPP + Configuration Request message has been received by the WTP. + + Upon receiving this control message, the WTP will modify the + necessary services, and transmit an IEEE 802.11 WLAN Configuration + Response. + + An WTP MAY provide service for more than one WLAN: therefore, every + WLAN is identified through a numerical index. For instance, a WTP + that is capable of supporting up to 16 SSIDs could accept up to 16 + IEEE 802.11 WLAN Configuration Request messages that include the Add + WLAN message element. + + Since the index is the primary identifier for a WLAN, an AC SHOULD + attempt to ensure that the same WLAN is identified through the same + index number on all of its WTPs. An AC that does not follow this + approach MUST find some other means of maintaining a WLAN Identifier + to SSID mapping table. + + The following subsections define the message elements that are of + value for this LWAPP operation. Only one message MUST be present. + +11.8.1.1. IEEE 802.11 Add WLAN + + The Add WLAN message element is used by the AC to define a wireless + LAN on the WTP. The value contains the following format: + + + + + + + + + + + + + + + +Calhoun, et al. Historic [Page 98] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Radio ID | WLAN Capability | WLAN ID | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Encryption Policy | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Key ... 
| + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Key Index | Shared Key | WPA Data Len |WPA IE Data ...| + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | RSN Data Len |RSN IE Data ...| Reserved .... | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | WME Data Len |WME IE Data ...| 11e Data Len |11e IE Data ...| + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | QoS | Auth Type |Broadcast SSID | Reserved... | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | SSID ... | + +-+-+-+-+-+-+-+-+ + + Type: 7 for IEEE 802.11 Add WLAN + + Length: >= 298 + + Radio ID: An 8-bit value representing the radio. + + WLAN Capability: A 16-bit value containing the capabilities to be + advertised by the WTP within the Probe and Beacon messages. + + WLAN ID: A 16-bit value specifying the WLAN Identifier. + + Encryption Policy: A 32-bit value specifying the encryption scheme + to apply to traffic to and from the mobile station. + + The following values are supported: + + 0 - Encrypt WEP 104: All packets to/from the mobile station must + be encrypted using a standard 104-bit WEP. + + 1 - Clear Text: All packets to/from the mobile station do not + require any additional crypto processing by the WTP. + + 2 - Encrypt WEP 40: All packets to/from the mobile station must + be encrypted using a standard 40-bit WEP. + + 3 - Encrypt WEP 128: All packets to/from the mobile station must + be encrypted using a standard 128-bit WEP. + + + + +Calhoun, et al. Historic [Page 99] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + 4 - Encrypt AES-CCMP 128: All packets to/from the mobile station + must be encrypted using a 128-bit AES-CCMP [7]. + + 5 - Encrypt TKIP-MIC: All packets to/from the mobile station must + be encrypted using TKIP and authenticated using Michael [16]. + + 6 - Encrypt CKIP: All packets to/from the mobile station must be + encrypted using Cisco TKIP. 
+ + Key: A 32-byte session key to use with the encryption policy. + + Key-Index: The Key Index associated with the key. + + Shared Key: A 1-byte Boolean that specifies whether the key + included in the Key field is a shared WEP key. A value of zero is + used to state that the key is not a shared WEP key, while a value + of one is used to state that the key is a shared WEP key. + + WPA Data Len: Length of the WPA Information Element (IE). + + WPA IE: A 32-byte field containing the WPA Information Element. + + RSN Data Len: Length of the Robust Security Network (RSN) IE. + + RSN IE: A 64-byte field containing the RSN Information Element. + + Reserved: A 49-byte reserved field, which MUST be set to zero (0). + + WME Data Len: Length of the WME IE. + + WME IE: A 32-byte field containing the WME Information Element. + + DOT11E Data Len: Length of the 802.11e IE. + + DOT11E IE: A 32-byte field containing the 802.11e Information + Element. + + QOS: An 8-bit value specifying the QoS policy to enforce for the + station. + + The following values are supported: + + 0 - Silver (Best Effort) + + 1 - Gold (Video) + + 2 - Platinum (Voice) + + + + +Calhoun, et al. Historic [Page 100] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + 3 - Bronze (Background) + + Auth Type: An 8-bit value specifying the station's authentication + type. + + The following values are supported: + + 0 - Open System + + 1 - WEP Shared Key + + 2 - WPA/WPA2 802.1X + + 3 - WPA/WPA2 PSK + + Broadcast SSID: A Boolean indicating whether the SSID is to be + broadcast by the WTP. A value of zero disables SSID broadcast, + while a value of one enables it. + + Reserved: A 40-byte reserved field. + + SSID: The SSID attribute is the service set identifier that will be + advertised by the WTP for this WLAN. + +11.8.1.2. IEEE 802.11 Delete WLAN + + The Delete WLAN message element is used to inform the WTP that a + previously created WLAN is to be deleted. 
The value contains the + following fields: + + 0 1 2 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Radio ID | WLAN ID | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 28 for IEEE 802.11 Delete WLAN + + Length: 3 + + Radio ID: An 8-bit value representing the radio + + WLAN ID: A 16-bit value specifying the WLAN Identifier + +11.8.1.3. IEEE 802.11 Update WLAN + + The Update WLAN message element is used by the AC to define a + wireless LAN on the WTP. The value contains the following format: + + + +Calhoun, et al. Historic [Page 101] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Radio ID | WLAN ID |Encrypt Policy | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Encryption Policy | Key... | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Key ... | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Key Index | Shared Key | WLAN Capability | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 34 for IEEE 802.11 Update WLAN + + Length: 43 + + Radio ID: An 8-bit value representing the radio. + + WLAN ID: A 16-bit value specifying the WLAN Identifier. + + Encryption Policy: A 32-bit value specifying the encryption scheme + to apply to traffic to and from the mobile station. + + The following values are supported: + + 0 - Encrypt WEP 104: All packets to/from the mobile station must + be encrypted using a standard 104-bit WEP. + + 1 - Clear Text: All packets to/from the mobile station do not + require any additional crypto processing by the WTP. + + 2 - Encrypt WEP 40: All packets to/from the mobile station must + be encrypted using a standard 40-bit WEP. 
+ + 3 - Encrypt WEP 128: All packets to/from the mobile station must + be encrypted using a standard 128-bit WEP. + + 4 - Encrypt AES-CCMP 128: All packets to/from the mobile station + must be encrypted using a 128-bit AES-CCMP [7]. + + 5 - Encrypt TKIP-MIC: All packets to/from the mobile station must + be encrypted using TKIP and authenticated using Michael [16]. + + 6 - Encrypt CKIP: All packets to/from the mobile station must be + encrypted using Cisco TKIP. + + Key: A 32-byte session key to use with the encryption policy. + + + + +Calhoun, et al. Historic [Page 102] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + Key-Index: The Key Index associated with the key. + + Shared Key: A 1-byte Boolean that specifies whether the key + included in the Key field is a shared WEP key. A value of zero + means that the key is not a shared WEP key, while a value of one + is used to state that the key is a shared WEP key. + + WLAN Capability: A 16-bit value containing the capabilities to be + advertised by the WTP within the Probe and Beacon messages. + +11.8.2. IEEE 802.11 WLAN Config Response + + The IEEE 802.11 WLAN Configuration Response is sent by the WTP to the + AC as an acknowledgement of the receipt of an IEEE 802.11 WLAN + Configuration Request. + + This LWAPP control message does not include any message elements. + +11.8.3. IEEE 802.11 WTP Event + + The IEEE 802.11 WTP Event LWAPP message is used by the WTP in order + to report asynchronous events to the AC. There is no reply message + expected from the AC, except that the message is acknowledged via the + reliable transport. + + When the AC receives the IEEE 802.11 WTP Event, it will take whatever + action is necessary, depending upon the message elements present in + the message. + + The IEEE 802.11 WTP Event message MUST contain one of the following + message elements described in the next subsections. + +11.8.3.1. 
IEEE 802.11 MIC Countermeasures + + The MIC Countermeasures message element is sent by the WTP to the AC + to indicate the occurrence of a MIC failure. + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Radio ID | WLAN ID | MAC Address | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | MAC Address | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 61 for IEEE 802.11 MIC Countermeasures + + Length: 8 + + + +Calhoun, et al. Historic [Page 103] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + Radio ID: The Radio Identifier, typically refers to some interface + index on the WTP. + + WLAN ID: This 8-bit unsigned integer includes the WLAN Identifier, + on which the MIC failure occurred. + + MAC Address: The MAC address of the mobile station that caused the + MIC failure. + +11.8.3.2. IEEE 802.11 WTP Radio Fail Alarm Indication + + The WTP Radio Fail Alarm Indication message element is sent by the + WTP to the AC when it detects a radio failure. + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Radio ID | Type | Status | Pad | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 95 for WTP Radio Fail Alarm Indication + + Length: 4 + + Radio ID: The Radio Identifier, typically refers to some interface + index on the WTP. + + Type: The type of radio failure detected. The following values are + supported: + + 1 - Receiver + + 2 - Transmitter + + Status: An 8-bit Boolean indicating whether the radio failure is + being reported or cleared. A value of zero is used to clear the + event, while a value of one is used to report the event. + + Pad: Reserved field MUST be set to zero (0). + + + + + + + + + + + + +Calhoun, et al. 
Historic [Page 104] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + +11.9. Message Element Bindings + + The IEEE 802.11 Message Element binding has the following + definitions: + + Conf Conf Conf Add + Req Resp Upd Mobile + + IEEE 802.11 WTP WLAN Radio Configuration X X X + IEEE 802.11 Rate Set X X + IEEE 802.11 Multi-domain Capability X X X + IEEE 802.11 MAC Operation X X X + IEEE 802.11 Tx Power X X X + IEEE 802.11 Tx Power Level X + IEEE 802.11 Direct Sequence Control X X X + IEEE 802.11 OFDM Control X X X + IEEE 802.11 Supported Rates X X + IEEE 802.11 Antenna X X X + IEEE 802.11 CFP Status X X + IEEE 802.11 Broadcast Probe Mode X X + IEEE 802.11 WTP Mode and Type X? X + IEEE 802.11 WTP Quality of Service X X + IEEE 802.11 MIC Error Report From Mobile X + IEEE 802.11 Update Mobile QoS X + IEEE 802.11 Mobile Session Key X + +11.9.1. IEEE 802.11 WTP WLAN Radio Configuration + + The WTP WLAN radio configuration is used by the AC to configure a + Radio on the WTP. The message element value contains the following + Fields: + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Radio ID | Reserved | Occupancy Limit | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | CFP Per | CFP Maximum Duration | BSS ID | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | BSS ID | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | BSS ID | Beacon Period | DTIM Per | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Country String | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Num Of BSSIDs | + +-+-+-+-+-+-+-+-+ + + + + +Calhoun, et al. Historic [Page 105] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + Type: 8 for IEEE 802.11 WTP WLAN Radio Configuration + + Length: 20 + + Radio ID: An 8-bit value representing the radio to configure. 
+ + Reserved: MUST be set to zero + + Occupancy Limit: This attribute indicates the maximum amount of + time, in Time Units (TUs), that a point coordinator MAY control + the usage of the wireless medium without relinquishing control for + long enough to allow at least one instance of Distributed + Coordination Function (DCF) access to the medium. The default + value of this attribute SHOULD be 100, and the maximum value + SHOULD be 1000. + + CFP Period: The attribute describes the number of DTIM intervals + between the start of Contention-Free Periods (CFPs). + + CFP Maximum Duration: The attribute describes the maximum duration + of the CFP in TU that MAY be generated by the Point Coordination + Function (PCF). + + BSSID: The WLAN Radio's base MAC address. For WTPs that support + more than a single WLAN, the value of the WLAN Identifier is added + to the last octet of the BSSID. Therefore, a WTP that supports 16 + WLANs MUST have 16 MAC addresses reserved for it, and the last + nibble is used to represent the WLAN ID. + + Beacon Period: This attribute specifies the number of TUs that a + station uses for scheduling Beacon transmissions. This value is + transmitted in Beacon and Probe Response frames. + + DTIM Period: This attribute specifies the number of Beacon + intervals that elapses between transmission of Beacons frames + containing a TIM element whose DTIM Count field is 0. This value + is transmitted in the DTIM Period field of Beacon frames. + + Country Code: This attribute identifies the country in which the + station is operating. The first two octets of this string is the + two-character country code as described in document ISO/IEC 3166- + 1. The third octet MUST be one of the following: + + 1. an ASCII space character, if the regulations under which the + station is operating encompass all environments in the country, + + 2. 
an ASCII 'O' character, if the regulations under which the station + is operating are for an outdoor environment only, or + + + +Calhoun, et al. Historic [Page 106] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + 3. an ASCII 'I' character, if the regulations under which the station + is operating are for an indoor environment only. + + Number of BSSIDs: This attribute contains the maximum number of + BSSIDs supported by the WTP. This value restricts the number of + logical networks supported by the WTP. + +11.9.2. IEEE 802.11 Rate Set + + The Rate Set message element value is sent by the AC and contains the + supported operational rates. It contains the following fields: + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Radio ID | Rate Set | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 16 for IEEE 802.11 Rate Set + + Length: 4 + + Radio ID: An 8-bit value representing the radio to configure. + + Rate Set: The AC generates the Rate Set that the WTP is to include + in its Beacon and Probe messages. + +11.9.3. IEEE 802.11 Multi-Domain Capability + + The Multi-Domain Capability message element is used by the AC to + inform the WTP of regulatory limits. The value contains the + following fields: + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Radio ID | Reserved | First Channel # | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Number of Channels | Max Tx Power Level | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 10 for IEEE 802.11 Multi-Domain Capability + + Length: 8 + + Radio ID: An 8-bit value representing the radio to configure. + + Reserved: MUST be set to zero + + + +Calhoun, et al. 
Historic [Page 107] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + First Channel #: This attribute indicates the value of the lowest + channel number in the subband for the associated domain country + string. + + Number of Channels: This attribute indicates the value of the total + number of channels allowed in the subband for the associated + domain country string. + + Max Tx Power Level: This attribute indicates the maximum transmit + power, in dBm, allowed in the subband for the associated domain + country string. + +11.9.4. IEEE 802.11 MAC Operation + + The MAC Operation message element is sent by the AC to set the 802.11 + MAC parameters on the WTP. The value contains the following fields: + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Radio ID | Reserved | RTS Threshold | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Short Retry | Long Retry | Fragmentation Threshold | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Tx MSDU Lifetime | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Rx MSDU Lifetime | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 11 for IEEE 802.11 MAC Operation + + Length: 16 + + Radio ID: An 8-bit value representing the radio to configure. + + Reserved: MUST be set to zero + + RTS Threshold: This attribute indicates the number of octets in a + Management Protocol Data Unit (MPDU), below which an RTS/CTS + (clear to send) handshake MUST NOT be performed. An RTS/CTS + handshake MUST be performed at the beginning of any frame exchange + sequence where the MPDU is of type Data or Management, the MPDU + has an individual address in the Address1 field, and the length of + the MPDU is greater than this threshold. 
Setting this attribute + to be larger than the maximum MAC Service Data Unit (MSDU) size + MUST have the effect of turning off the RTS/CTS handshake for + frames of Data or Management type transmitted by this Station + (STA). Setting this attribute to zero MUST have the effect of + + + +Calhoun, et al. Historic [Page 108] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + turning on the RTS/CTS handshake for all frames of Data or + Management type transmitted by this STA. The default value of + this attribute MUST be 2347. + + Short Retry: This attribute indicates the maximum number of + transmission attempts of a frame, the length of which is less than + or equal to RTSThreshold, that MUST be made before a failure + condition is indicated. The default value of this attribute MUST + be 7. + + Long Retry: This attribute indicates the maximum number of + transmission attempts of a frame, the length of which is greater + than dot11RTSThreshold, that MUST be made before a failure + condition is indicated. The default value of this attribute MUST + be 4. + + Fragmentation Threshold: This attribute specifies the current + maximum size, in octets, of the MPDU that MAY be delivered to the + PHY. An MSDU MUST be broken into fragments if its size exceeds + the value of this attribute after adding MAC headers and trailers. + An MSDU or MAC Management Protocol Data Unit (MMPDU) MUST be + fragmented when the resulting frame has an individual address in + the Address1 field, and the length of the frame is larger than + this threshold. The default value for this attribute MUST be the + lesser of 2346 or the aMPDUMaxLength of the attached PHY and MUST + never exceed the lesser of 2346 or the aMPDUMaxLength of the + attached PHY. The value of this attribute MUST never be less than + 256. 
+ + Tx MSDU Lifetime: This attribute specifies the elapsed time in TU, + after the initial transmission of an MSDU, after which, further + attempts to transmit the MSDU MUST be terminated. The default + value of this attribute MUST be 512. + + Rx MSDU Lifetime: This attribute specifies the elapsed time, in TU, + after the initial reception of a fragmented MMPDU or MSDU, after + which, further attempts to reassemble the MMPDU or MSDU MUST be + terminated. The default value MUST be 512. + +11.9.5. IEEE 802.11 Tx Power + + The Tx Power message element value is bi-directional. When sent by + the WTP, it contains the current power level of the radio in + question. When sent by the AC, it contains the power level to which + the WTP MUST adhere: + + + + + + +Calhoun, et al. Historic [Page 109] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Radio ID | Reserved | Current Tx Power | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 12 for IEEE 802.11 Tx Power + + Length: 4 + + Radio ID: An 8-bit value representing the radio to configure. + + Reserved: MUST be set to zero + + Current Tx Power: This attribute contains the transmit output power + in mW. + +11.9.6. IEEE 802.11 Tx Power Level + + The Tx Power Level message element is sent by the WTP and contains + the different power levels supported. The value contains the + following fields: + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Radio ID | Num Levels | Power Level [n] | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 13 for IEEE 802.11 Tx Power Level + + Length: >= 4 + + Radio ID: An 8-bit value representing the radio to configure. + + Num Levels: The number of power level attributes. 
+ + Power Level: Each power level fields contains a supported power + level, in mW. + +11.9.7. IEEE 802.11 Direct Sequence Control + + The Direct Sequence Control message element is a bi-directional + element. When sent by the WTP, it contains the current state. When + sent by the AC, the WTP MUST adhere to the values. This element is + only used for 802.11b radios. The value has the following fields. + + + + + +Calhoun, et al. Historic [Page 110] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Radio ID | Reserved | Current Chan | Current CCA | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Energy Detect Threshold | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 14 for IEEE 802.11 Direct Sequence Control + + Length: 8 + + Radio ID: An 8-bit value representing the radio to configure. + + Reserved: MUST be set to zero + + Current Channel: This attribute contains the current operating + frequency channel of the Direct Sequence Spread Spectrum (DSSS) + PHY. + + Current CCA: The current Controlled Channel Access (CCA) method in + operation. Valid values are: + + 1 - energy detect only (edonly) + + 2 - carrier sense only (csonly) + + 4 - carrier sense and energy detect (edandcs) + + 8 - carrier sense with timer (cswithtimer) + + 16 - high-rate carrier sense and energy detect (hrcsanded) + + Energy Detect Threshold: The current Energy Detect Threshold being + used by the DSSS PHY. + +11.9.8. IEEE 802.11 OFDM Control + + The Orthogonal Frequency Division Multiplexing (OFDM) Control message + element is a bi-directional element. When sent by the WTP, it + contains the current state. When sent by the AC, the WTP MUST adhere + to the values. This element is only used for 802.11a radios. 
The + value contains the following fields: + + + + + + + + +Calhoun, et al. Historic [Page 111] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Radio ID | Reserved | Current Chan | Band Support | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | TI Threshold | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 15 for IEEE 802.11 OFDM Control + + Length: 8 + + Radio ID: An 8-bit value representing the radio to configure. + + Reserved: MUST be set to zero + + Current Channel: This attribute contains the current operating + frequency channel of the OFDM PHY. + + Band Supported: The capability of the OFDM PHY implementation to + operate in the three U-NII bands. Coded as an integer value of a + 3-bit field as follows: + + Bit 0 - capable of operating in the lower (5.15-5.25 GHz) U-NII + band + + Bit 1 - capable of operating in the middle (5.25-5.35 GHz) U-NII + band + + Bit 2 - capable of operating in the upper (5.725-5.825 GHz) U-NII + band + + For example, for an implementation capable of operating in the + lower and mid bands, this attribute would take the value. + + TI Threshold: The threshold being used to detect a busy medium + (frequency). CCA MUST report a busy medium upon detecting the + RSSI above this threshold. + +11.9.9. IEEE 802.11 Antenna + + The Antenna message element is communicated by the WTP to the AC to + provide information on the antennas available. The AC MAY use this + element to reconfigure the WTP's antennas. The value contains the + following fields: + + + + + + +Calhoun, et al. 
Historic [Page 112] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Radio ID | Diversity | Combiner | Antenna Cnt | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Antenna Selection [0..N] | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 41 for IEEE 802.11 Antenna + + Length: >= 8 + + Radio ID: An 8-bit value representing the radio to configure. + + Diversity: An 8-bit value specifying whether the antenna is to + provide receive diversity. The following values are supported: + + 0 - Disabled + + 1 - Enabled (may only be true if the antenna can be used as a + receive antenna) + + Combiner: An 8-bit value specifying the combiner selection. The + following values are supported: + + 1 - Sectorized (Left) + + 2 - Sectorized (Right) + + 3 - Omni + + 4 - Mimo + + Antenna Count: An 8-bit value specifying the number of Antenna + Selection fields. + + Antenna Selection: One 8-bit antenna configuration value per + antenna in the WTP. The following values are supported: + + 1 - Internal Antenna + + 2 - External Antenna + +11.9.10. IEEE 802.11 Supported Rates + + The Supported Rates message element is sent by the WTP to indicate + the rates that it supports. The value contains the following fields: + + + + +Calhoun, et al. Historic [Page 113] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Radio ID | Supported Rates | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 16 for IEEE 802.11 Supported Rates + + Length: 4 + + Radio ID: An 8-bit value representing the radio. + + Supported Rates: The WTP includes the Supported Rates that its + hardware supports. 
The format is identical to the Rate Set + message element. + +11.9.11. IEEE 802.11 CFP Status + + The CFP Status message element is sent to provide the CF Polling + configuration. + + 0 1 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Radio ID | Status | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 48 for IEEE 802.11 CFP Status + + Length: 2 + + Radio ID: The Radio Identifier, typically refers to some interface + index on the WTP. + + Status: An 8-bit Boolean containing the status of the CF Polling + feature. A value of zero disables CFP Status, while a value of + one enables it. + +11.9.12. IEEE 802.11 WTP Mode and Type + + The WTP Mode and Type message element is used to configure a WTP to + operate in a specific mode. + + 0 1 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Mode | Type | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + + +Calhoun, et al. Historic [Page 114] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + Type: 54 for IEEE 802.11 WTP Mode and Type + + Length: 2 + + Mode: An 8-bit value describing the type of information being sent. + The following values are supported: + + 0 - Split MAC + + 2 - Local MAC + + Type: The type field is not currently used. + +11.9.13. IEEE 802.11 Broadcast Probe Mode + + The Broadcast Probe Mode message element indicates whether a WTP will + respond to NULL SSID Probe requests. Since broadcast NULL Probes are + not sent to a specific BSSID, the WTP cannot know which SSID the + sending station is querying. Therefore, this behavior must be global + to the WTP. + + 0 + 0 1 2 3 4 5 6 7 + +-+-+-+-+-+-+-+-+ + | Status | + +-+-+-+-+-+-+-+-+ + + Type: 51 for IEEE 802.11 Broadcast Probe Mode + + Length: 1 + + Status: An 8-bit Boolean indicating the status of whether a WTP + shall respond to a NULL SSID Probe request. A value of zero + disables the NULL SSID Probe response, while a value of one + enables it. + +11.9.14. 
IEEE 802.11 WTP Quality of Service + + The WTP Quality of Service message element value is sent by the AC to + the WTP to communicate quality-of-service configuration information. + + 0 1 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Radio ID | Tag Packets | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 57 for IEEE 802.11 WTP Quality of Service + + + +Calhoun, et al. Historic [Page 115] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + Length: 12 + + Radio ID: The Radio Identifier, typically refers to some interface + index on the WTP. + + Tag Packets: A value indicating whether LWAPP packets should be + tagged for QoS purposes. The following values are currently + supported: + + 0 - Untagged + + 1 - 802.1P + + 2 - DSCP + + Immediately following the above header is the following data + structure. This data structure will be repeated five times, once + for every QoS profile. The order of the QoS profiles is Uranium, + Platinum, Gold, Silver, and Bronze. + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Queue Depth | CWMin | CWMax | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | CWMax | AIFS | CBR | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Dot1P Tag | DSCP Tag | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Queue Depth: The number of packets that can be on the specific QoS + transmit queue at any given time. + + CWMin: The Contention Window minimum value for the QoS transmit + queue. + + CWMax: The Contention Window maximum value for the QoS transmit + queue. + + AIFS: The Arbitration Inter Frame Spacing to use for the QoS + transmit queue. + + CBR: The Constant Bit Rate (CBR) value to observe for the QoS + transmit queue. + + Dot1P Tag: The 802.1P precedence value to use if packets are to be + 802.1P tagged. + + + + +Calhoun, et al. 
Historic [Page 116] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + DSCP Tag: The DSCP label to use if packets are to be DSCP tagged. + +11.9.15. IEEE 802.11 MIC Error Report From Mobile + + The MIC Error Report From Mobile message element is sent by an AC to + a WTP when it receives a MIC failure notification via the Error bit + in the EAP over LAN (EAPOL)-Key frame. + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Client MAC Address | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Client MAC Address | BSSID | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | BSSID | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Radio ID | WLAN ID | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Type: 79 for IEEE 802.11 MIC Error Report From Mobile + + Length: 14 + + Client MAC Address: The Client MAC address of the station reporting + the MIC failure. + + BSSID: The BSSID on which the MIC failure is being reported. + + Radio ID: The Radio Identifier, typically refers to some interface + index on the WTP. + + WLAN ID: The WLAN ID on which the MIC failure is being reported. + +11.10. IEEE 802.11 Message Element Values + + This section lists IEEE 802.11-specific values for any generic LWAPP + message elements that include fields whose values are technology- + specific. + + IEEE 802.11 uses the following values: + + 4 - Encrypt AES-CCMP 128: WTP supports AES-CCMP, as defined in [7]. + + 5 - Encrypt TKIP-MIC: WTP supports TKIP and Michael, as defined in + [16]. + + + + + +Calhoun, et al. Historic [Page 117] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + +12. LWAPP Protocol Timers + + A WTP or AC that implements LWAPP discovery MUST implement the + following timers. + +12.1. 
MaxDiscoveryInterval + + The maximum time allowed between sending Discovery Requests from the + interface, in seconds. Must be no less than 2 seconds and no greater + than 180 seconds. + + Default: 20 seconds. + +12.2. SilentInterval + + The minimum time, in seconds, a WTP MUST wait after failing to + receive any responses to its Discovery Requests, before it MAY again + send Discovery Requests. + + Default: 30 + +12.3. NeighborDeadInterval + + The minimum time, in seconds, a WTP MUST wait without having received + Echo Responses to its Echo Requests, before the destination for the + Echo Request may be considered dead. Must be no less than + 2*EchoInterval seconds and no greater than 240 seconds. + + Default: 60 + +12.4. EchoInterval + + The minimum time, in seconds, between sending Echo Requests to the AC + with which the WTP has joined. + + Default: 30 + +12.5. DiscoveryInterval + + The minimum time, in seconds, that a WTP MUST wait after receiving a + Discovery Response, before sending a Join Request. + + Default: 5 + + + + + + + + +Calhoun, et al. Historic [Page 118] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + +12.6. RetransmitInterval + + The minimum time, in seconds, that a non-acknowledged LWAPP packet + will be retransmitted. + + Default: 3 + +12.7. ResponseTimeout + + The minimum time, in seconds, in which an LWAPP Request message must + be responded to. + + Default: 1 + +12.8. KeyLifetime + + The maximum time, in seconds, that an LWAPP session key is valid. + + Default: 28800 + +13. LWAPP Protocol Variables + + A WTP or AC that implements LWAPP discovery MUST allow for the + following variables to be configured by system management; default + values are specified so as to make it unnecessary to configure any of + these variables in many cases. + +13.1. MaxDiscoveries + + The maximum number of Discovery Requests that will be sent after a + WTP boots. + + Default: 10 + +13.2. 
DiscoveryCount + + The number of discoveries transmitted by a WTP to a single AC. This + is a monotonically increasing counter. + +13.3. RetransmitCount + + The number of retransmissions for a given LWAPP packet. This is a + monotonically increasing counter. + + + + + + + + +Calhoun, et al. Historic [Page 119] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + +13.4. MaxRetransmit + + The maximum number of retransmissions for a given LWAPP packet before + the link layer considers the peer dead. + + Default: 5 + +14. NAT Considerations + + There are two specific situations where a NAT system may be used in + conjunction with LWAPP. The first consists of a configuration where + the WTP is behind a NAT system. Given that all communication is + initiated by the WTP, and all communication is performed over IP + using a single UDP port, the protocol easily traverses NAT systems in + this configuration. + + The second configuration is one where the AC sits behind a NAT, and + there are two main issues that exist in this situation. First, an AC + communicates its interfaces and associated WTP load on these + interfaces, through the WTP Manager Control IP Address. This message + element is currently mandatory, and if NAT compliance became an + issue, it would be possible to either: + + 1. make the WTP Manager Control IP Address optional, allowing the WTP + to simply use the known IP address. However, note that this + approach would eliminate the ability to perform load balancing of + WTP across ACs, and therefore is not the recommended approach. + + 2. allow an AC to be able to configure a NAT'ed address for every + associated AC that would generally be communicated in the WTP + Manager Control IP Address message element. + + 3. 
require that if a WTP determines that the AC List message element + consists of a set of IP addresses that are different from the AC's + IP address it is currently communicating with, then assume that + NAT is being enforced, and require that the WTP communicate with + the original AC's IP address (and ignore the WTP Manager Control + IP Address message element(s)). + + Another issue related to having an AC behind a NAT system is LWAPP's + support for the CAPWAP Objective to allow the control and data plane + to be separated. In order to support this requirement, the LWAPP + protocol defines the WTP Manager Data IP Address message element, + which allows the AC to inform the WTP that the LWAPP data frames are + to be forwarded to a separate IP address. This feature MUST be + disabled when an AC is behind a NAT. However, there is no easy way + to provide some default mechanism that satisfies both the data/ + + + + +Calhoun, et al. Historic [Page 120] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + control separation and NAT objectives, as they directly conflict with + each other. As a consequence, user intervention will be required to + support such networks. + + LWAPP has a feature that allows for all of the AC's identities + supporting a group of WTPs to be communicated through the AC List + message element. This feature must be disabled when the AC is behind + a NAT and the IP address that is embedded would be invalid. + + The LWAPP protocol has a feature that allows an AC to configure a + static IP address on a WTP. The WTP Static IP Address Information + message element provides such a function; however, this feature + SHOULD NOT be used in NAT'ed environments, unless the administrator + is familiar with the internal IP addressing scheme within the WTP's + private network, and does not rely on the public address seen by the + AC. 
+ + When a WTP detects the duplicate address condition, it generates a + message to the AC, which includes the Duplicate IP Address message + element. Once again, it is important to note that the IP address + embedded within this message element would be different from the + public IP address seen by the AC. + +15. Security Considerations + + LWAPP uses either an authenticated key exchange or key agreement + mechanism to ensure peer authenticity and establish fresh session + keys to protect the LWAPP communications. + + The LWAPP protocol defines a join phase, which allows a WTP to bind a + session with an AC. During this process, a session key is mutually + derived, and secured either through an X.509 certificate or a pre- + shared key. The resulting key exchange generates an encryption + session key, which is used to encrypt the LWAPP control packets, and + a key derivation key. + + During the established secure communication, the WTP and AC may rekey + using the key update process, which is identical to the join phase, + meaning the session keys are mutually derived. However, the exchange + described for pre-shared session keys is always used for the key + update, with the pre-shared key set to the derivation key created + either during the join, or the last key update if one has occurred. + The key update results in a new derivation key, which is used in the + next key update, as well as an encryption session key to encrypt the + LWAPP control packets. + + + + + + +Calhoun, et al. Historic [Page 121] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + Replay protection of the Join Request is handled through an exchange + of nonces during the join (or key update) phase. The Join Request + includes an XNonce, which is included in the AC's authenticated Join + Reply's encrypted ANonce message element, allowing for the two + messages to be bound. 
Upon receipt of the Join Reply, the WTP + generates the WNonce, and generates a set of session keys using a KDF + function. One of these keys is used to MIC the Join ACK. The AC + responds with a Join Confirm, which must also include a MIC, and + therefore be capable of deriving the same set of session keys. + + In both the X.509 certificate and pre-shared key modes, an + initialization vector is created through the above mentioned KDF + function. The IV and the KDF created encryption key are used to + encrypt the LWAPP control frames. + + Given that authentication in the Join exchange does not occur until + the WTP transmits the Join ACK message, it is crucial that an AC not + delete any state for a WTP it is servicing until an authentication + Join ACK has been received. Otherwise, a potential Denial-of-Service + attack exists, whereby sending a spoofed Join Request for a valid WTP + would cause the AC to reset the WTP's connection. + + It is important to note that Perfect Forward Secrecy is not a + requirement for the LWAPP protocol. + + Note that the LWAPP protocol does not add any new vulnerabilities to + 802.11 infrastructure that makes use of WEP for encryption purposes. + However, implementors SHOULD discourage the use of WEP to allow the + market to move towards technically sound cryptographic solutions, + such as 802.11i. + +15.1. Certificate-Based Session Key Establishment + + LWAPP uses public key cryptography to ensure trust between the WTP + and the AC. One question that periodically arises is why the Join + Request is not signed. Signing this request would not be optimal for + the following reasons: + + 1. The Join Request is replayable, so a signature doesn't provide + much protection unless the switches keep track of all previous + Join Requests from a given WTP. + + 2. Replay detection is handled during the Join Reply and Join ACK + messages. + + 3. 
A signed Join Request provides a potential Denial-of-Service + attack on the AC, which would have to authenticate each + (potentially malicious) message. + + + +Calhoun, et al. Historic [Page 122] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + The WTP-Certificate that is included in the Join Request MUST be + validated by the AC. It is also good practice that the AC perform + some form of authorization, ensuring that the WTP in question is + allowed to establish an LWAPP session with it. + +15.2. PSK-Based Session Key Establishment + + Use of a fixed shared secret of limited entropy (for example, a PSK + that is relatively short, or was chosen by a human and thus may + contain less entropy than its length would imply) may allow an + attacker to perform a brute-force or dictionary attack to recover the + secret. + + It is RECOMMENDED that implementations that allow the administrator + to manually configure the PSK also provide a functionality for + generating a new random PSK, taking RFC 1750 [4] into account. + + Since the key generation does not expose the nonces in plaintext, + there are no practical passive attacks possible. + +16. Acknowledgements + + The authors wish to thank Michael Vakulenko for contributing text + that describes how LWAPP can be used over a Layer 3 (IP) network. + + The authors would also like to thanks Russ Housley and Charles Clancy + for their assistance in providing a security review of the LWAPP + specification. Charles' review can be found in [12]. + +17. References + +17.1. Normative References + + [1] Bradner, S., "Key words for use in RFCs to Indicate Requirement + Levels", BCP 14, RFC 2119, March 1997. + + [2] National Institute of Standards and Technology, "Advanced + Encryption Standard (AES)", FIPS PUB 197, November 2001, + . + + [3] Whiting, D., Housley, R., and N. Ferguson, "Counter with CBC- + MAC (CCM)", RFC 3610, September 2003. + + [4] Eastlake, D., 3rd, Schiller, J., and S. 
Crocker, "Randomness + Requirements for Security", BCP 106, RFC 4086, June 2005. + + [5] Manner, J., Ed., and M. Kojo, Ed., "Mobility Related + Terminology", RFC 3753, June 2004. + + + +Calhoun, et al. Historic [Page 123] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + + [6] "Information technology - Telecommunications and information + exchange between systems - Local and metropolitan area networks + - Specific requirements - Part 11: Wireless LAN Medium Access + Control (MAC) and Physical Layer (PHY) specifications", IEEE + Standard 802.11, 2007, + + + [7] "Information technology - Telecommunications and information + exchange between systems - Local and metropolitan area networks + - Specific requirements - Part 11: Wireless LAN Medium Access + Control (MAC) and Physical Layer (PHY) specifications Amendment + 6: Medium Access Control (MAC) Security Enhancements", IEEE + Standard 802.11i, July 2004, + http://standards.ieee.org/getieee802/download/802.11i-2004.pdf + + [8] Clark, D., "IP datagram reassembly algorithms", RFC 815, July + 1982. + + [9] Schaad, J. and R. Housley, "Advanced Encryption Standard (AES) + Key Wrap Algorithm", RFC 3394, September 2002. + + [10] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., Housley, + R., and W. Polk, "Internet X.509 Public Key Infrastructure + Certificate and Certificate Revocation List (CRL) Profile", RFC + 5280, May 2008. + + [11] "Netscape-Defined Certificate Extensions", + . + + [12] Clancy, C., "Security Review of the Light-Weight Access Point + Protocol", May 2005, + . + +17.2. Informative References + + [13] Reynolds, J., Ed., "Assigned Numbers: RFC 1700 is Replaced by + an On-line Database", RFC 3232, January 2002. + + [14] Kent, S. and K. Seo, "Security Architecture for the Internet + Protocol", RFC 4301, December 2005. + + [15] Krawczyk, H., Bellare, M., and R. Canetti, "HMAC: Keyed-Hashing + for Message Authentication", RFC 2104, February 1997. 
+ + [16] "WiFi Protected Access (WPA) rev 1.6", April 2003. + + + + + +Calhoun, et al. Historic [Page 124] + +RFC 5412 Lightweight Access Point Protocol February 2010 + + +Authors' Addresses + + Pat R. Calhoun + Cisco Systems, Inc. + 170 West Tasman Drive + San Jose, CA 95134 + Phone: +1 408-853-5269 + EMail: pcalhoun@cisco.com + + Rohit Suri + Cisco Systems, Inc. + 170 West Tasman Drive + San Jose, CA 95134 + Phone: +1 408-853-5548 + EMail: rsuri@cisco.com + + Nancy Cam-Winget + Cisco Systems, Inc. + 170 West Tasman Drive + San Jose, CA 95134 + Phone: +1 408-853-0532 + EMail: ncamwing@cisco.com + + Scott Kelly + EMail: scott@hyperthought.com + + + Michael Glenn Williams + GWhiz Arts & Sciences + 1560 Newbury Road, Suite 1-204 + Newbury Park, CA 91320 + Phone: +1 805-499-1994 + EMail: gwhiz@gwhiz.com + + + Sue Hares + Phone: +1 734-604-0332 + EMail: shares@ndzh.com + + Bob O'Hara + EMail: bob.ohara@computer.org + + + + + + + + + + +Calhoun, et al. Historic [Page 125] +
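Review bot: In Section 17 of the added RFC text, references [2], [11] and [12] end in a bare "." and [6] ends in an empty line where a URL would be expected, while [7] still carries its URL, so the angle-bracketed links appear to have been dropped in the conversion to text. Compare the file against the published RFC 5412 text and restore them; [12] matters most, because Section 16 sends readers there for the security review of LWAPP. Separately, Section 15.2 cites "RFC 1750 [4]" while entry [4] lists RFC 4086; if that mismatch is in the published text, keep it verbatim rather than correcting the vendored copy.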