From 9801ce7e67acca213e3b0dd3fed5a0d39cc8df56 Mon Sep 17 00:00:00 2001
From: Alexandre Lamarre
Date: Mon, 25 Mar 2024 19:58:56 +0100
Subject: [PATCH] [dev-v2.9] Forward-port 2.8.1 chart rancher-monitoring-crd (#3694)

Signed-off-by: Alexandre Lamarre
---
 ...ncher-monitoring-crd-103.0.3+up45.31.1.tgz | Bin 0 -> 407204 bytes
 .../103.0.3+up45.31.1/Chart.yaml | 10 +
 .../103.0.3+up45.31.1/README.md | 24 +
 .../crd-manifest/crd-alertmanagerconfigs.yaml | 4481 ++++++++
 .../crd-manifest/crd-alertmanagers.yaml | 7112 +++++++++++++
 .../crd-manifest/crd-podmonitors.yaml | 666 ++
 .../crd-manifest/crd-probes.yaml | 705 ++
 .../crd-manifest/crd-prometheuses.yaml | 9177 +++++++++++++++++
 .../crd-manifest/crd-prometheusrules.yaml | 120 +
 .../crd-manifest/crd-servicemonitors.yaml | 696 ++
 .../crd-manifest/crd-thanosrulers.yaml | 6675 ++++++++++++
 .../103.0.3+up45.31.1/files/crd-manifest.tgz | Bin 0 -> 201592 bytes
 .../103.0.3+up45.31.1/templates/_helpers.tpl | 50 +
 .../103.0.3+up45.31.1/templates/jobs.yaml | 152 +
 .../103.0.3+up45.31.1/templates/manifest.yaml | 8 +
 .../103.0.3+up45.31.1/templates/rbac.yaml | 76 +
 .../templates/validate-psp-install.yaml | 7 +
 .../103.0.3+up45.31.1/values.yaml | 17 +
 index.yaml | 14 +
 release.yaml | 1 +
 20 files changed, 29991 insertions(+)
 create mode 100644 assets/rancher-monitoring-crd/rancher-monitoring-crd-103.0.3+up45.31.1.tgz
 create mode 100644 charts/rancher-monitoring-crd/103.0.3+up45.31.1/Chart.yaml
 create mode 100644 charts/rancher-monitoring-crd/103.0.3+up45.31.1/README.md
 create mode 100644 charts/rancher-monitoring-crd/103.0.3+up45.31.1/crd-manifest/crd-alertmanagerconfigs.yaml
 create mode 100644 charts/rancher-monitoring-crd/103.0.3+up45.31.1/crd-manifest/crd-alertmanagers.yaml
 create mode 100644 charts/rancher-monitoring-crd/103.0.3+up45.31.1/crd-manifest/crd-podmonitors.yaml
 create mode 100644 charts/rancher-monitoring-crd/103.0.3+up45.31.1/crd-manifest/crd-probes.yaml
 create mode 100644 charts/rancher-monitoring-crd/103.0.3+up45.31.1/crd-manifest/crd-prometheuses.yaml
 create mode 100644 charts/rancher-monitoring-crd/103.0.3+up45.31.1/crd-manifest/crd-prometheusrules.yaml
 create mode 100644 charts/rancher-monitoring-crd/103.0.3+up45.31.1/crd-manifest/crd-servicemonitors.yaml
 create mode 100644 charts/rancher-monitoring-crd/103.0.3+up45.31.1/crd-manifest/crd-thanosrulers.yaml
 create mode 100644 charts/rancher-monitoring-crd/103.0.3+up45.31.1/files/crd-manifest.tgz
 create mode 100644 charts/rancher-monitoring-crd/103.0.3+up45.31.1/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring-crd/103.0.3+up45.31.1/templates/jobs.yaml
 create mode 100644 charts/rancher-monitoring-crd/103.0.3+up45.31.1/templates/manifest.yaml
 create mode 100644 charts/rancher-monitoring-crd/103.0.3+up45.31.1/templates/rbac.yaml
 create mode 100644 charts/rancher-monitoring-crd/103.0.3+up45.31.1/templates/validate-psp-install.yaml
 create mode 100644 charts/rancher-monitoring-crd/103.0.3+up45.31.1/values.yaml
diff --git a/assets/rancher-monitoring-crd/rancher-monitoring-crd-103.0.3+up45.31.1.tgz b/assets/rancher-monitoring-crd/rancher-monitoring-crd-103.0.3+up45.31.1.tgz new file mode 100644 index 0000000000000000000000000000000000000000..4fd954a112ca0621d2e81f9ae3de856cb3d062da GIT binary patch literal 407204 zcmb5VV|Zji*Dl;KXJXs7ZQIF26Wg|J+qNdQZQGb&V(ZJy^IYF~-+$-ykLq1_@4k0+ zt*To0TGfRY0f`Lw`}(8+Q0a*)(i@1&uu8jeu;??X(i zbW>Ka;So2ov;v%Wy18Jn)w6T@oGI;;9NzWa1ATOj81 z0m8Y}*A79D0v*AJ-Tm0E%H<*lU>ZVEO=NOw3y=>)k$tkn)+<6}EPf*=6r80Xxu&qU zC~92I9AeNbF;xr8Ja1yvV<%zkN8k{77=Ou6kSY^jd&$Iy>Wz=QyCp%Of^mj0xq~1i zK0HUJk#*K5BobgU`rtKD+$D|^pM-L^e^$lY}7{g%^-agDDbEB36cCU!G4O^7e-9^HCDKAPJ^ToI?ac&bRC-F%O0jA4!eV zV_&BjiWVV`EB$J3ZxB-AW?}~&ZCT(^PtJG|pOT0_$1lA4`o+=1Wcvx-=jZge2~_d1 z;&yi7-p@`ZV%LF?!|1bTIe#XDzXwLY>rPG0PCLXK3Xjx{u^NGayngl;K*VHxy)m0iaHmKn`VT5UNxL&8e>C2~(qttHWoQ3Lc^^W~ z=-x{2&qrE5u6EmJp0kQo1i=1Y(KU!Bkw6pX-Zd*ud->y&87bF=j&qrRjg+|yB~zL& z9Nj%mHejZ^?<0T6i^+|YfAvI~1K%5J{7}qP;%rN;5k_2WWK-~<;bZ^&Oa4!#;L=G3 zs)jHnw?t`XLdz`O5Xu^wq3Bju4`q76=I5$Ul-MUP*83;l`|tawlD%6zxR1MMT1>na zu{iwCu`+yywHnlV)DTRZrCT8bnM5~37c>-PG;QM9%z{m*G=(AZj66;0i__ObG-lE6 zk5faVsFQ2gj@QHQy&nAU(QK$c`Z*U35cn59sv^hTyzM=42t??K0Qp*X*jxp zh1Suyo~=j@qFs(iB)8;*in6!F8cTJ{BbVx#-7IR4Ap*~za=dQ3T)Da*IozI4t}36O zw`e~_v5za`v82V$& z$MkcoA+3kO&Ic-+7zul`l8+}`LJ%3lh&ylA{t;PbBoT&@u{&)_e(HPN^L#A;F=6GM zXONlTI(kC9@Hb^sSWz9XIwm-Tw2&9OdkARWUeys30t{wc1Nk0@5*^o8qJFT+kbyx? 
zn7zQ_4U|cEhsq+C$kfz<)D$g;niE#V+l7b300pPBuA*qtkRJt6zUa%yy*eVx80ai< zyuy?p$%g&05uxr6_qKuDJ_Ln9{z-i~7HOWL zyq_3Z-a#`TPgv>j93NtRWFse(?)4{$;!bzNe3-%Q9y7!ngs)msuk$sLJKJoZuO0j% ziC$3dA;tbBpF#5nfD6GP`gpk&F(y#=$r>ErD?YGYr=j45hqu}0**J~mpz zTW8jR%>?#mn@eqk_e)tZ^a8=W^if5pt}~1OrqbQGHC4QJ^LL+jr^|5`?C3oo8~!?n z)zRf)zNp5z>^*P$04QGJ_CYRZx!E(_^VFRD&B4(>1ZymCLybd}2^oeGN@i3fHW zj5hGyLXq{U^g*&8^=*|_Y#G|R@9pxdV`2rkO~$KDsxb#-13jwAg9+m$_44Ud;x_t} zci4CcC^#a7)*sxx@!TK4QTmTuCQ6)K<+mMm>F*xgZf{`jA;_qvcMsbz%iKEZ)bWxz}!Zozzm~!d0SVb%f`XLdMEFj&BPv57WEVuxH*Xt zbB9T}{J3A9x^UPI)IoP}n|W{zurpP^B9V{a*Q& zYMzOvJ}Gy`Wm@8@m_c8@175SjmP*=6Zd=*XIM#bCBIcH2Xc#r&x z?R;PZeJuF6Ghi!tdLrha4XGw(&z+0U|Dq#BX^U&s`ABD{vWveBHt6Q}tm&@?FsVsQ zUc5C$q(b-WVdL;c$XD%jeg8sF0a2wfTftA6fs(@34G@ZhJeJFM#k|=UAC{!G4*E5( zj2CRu?Jji^OL+y+?yQcp`B@ykXJV(jlD12{jA&~z&?r&IA!ZX3t*BydlWR5iH8scE zZBH{l%KLV;B5#Y3S26H_W4^;b+i$R@A zrB>2-?fLx6q(AN+)5#VV$~VhCT1Z2kXStZatf`0K9)fMa@MFS;C-)H+{INTA=R|h; zOFd=3J zy@bD*44wN#zm@W-g+AModsnbdn;4=cM@b8<3Rk{!pKfD%@HU4x>575r-)7DeP8W@) z{#Ns7FM%nCd1ThU#AC=JV!o(`%v#}7LS1a>9Fj1OWG_+NX2oF4!~6&TSJzcAMSLsA zCu772ug{|GoU7BASZdXGXO2RuOBk#vtJY)5#Po^Sd#%fO?Fq4n1So};lP$2AnhnXO zp*fq){yu^fsJ2|Fw8elyyZEd1h`kUK#=eK0VsnOL#ZKbWINSa4y`1pg?reAG7(+$)F6nfBPC>2y0T_Z(|laJ@ksgtKe3X-c7 zoD@|#$lW|5UxL;B$rK{5?3agy)CqLPOT2?oBGW!^S#Z8yOVo^xS>^@Gwm2eG{=;eI zX)~%fp#LQY%6u?9k}(YhNX_qMC-(jE$@TDKI{+f4%lE1KOB{04(JPtq5x`!MWo{o} ztX(K!InP?l;9llyzi;;fakARg<^+kSPoDy9*+cD%{OqdB_s`AQpV99=&*$gABTV+0w}!aDA3o9GaNpeSKQ5u3 ze0X6!mz>t`D_hVHP+QXtR02B}tmls62TbcNJ7wB$S4~bdy)7QKth!BE&d##3&Q3Fs zVK~@A?c(uyX|6IXf)LZ_b5{Ov`fn|G3E0R>2ib+uT^tH(xz%7#*5hXkgsziFpdOv_(uq{6Jqr#M3Z|1eC*A7X1AL8PwQ8#>+ehyAG9N?^kCKV#? 
z^IsU@7Nkwp@Il`2Wb2)s)bm0g)kHj$Qu3t2X^OI!ty$3!$OtB6m(CQTCE4rUYk#m^uRJ~B$8E2D?*vN>F8(Tv(jwh34wVAh=++iVQVVB_jqWm zLpsWS+6+ZlvV!0_n${0Y8DW3=AG3M5V3AuB67i}HZ%4IDYn_B~w5N=RFo-oy4MP=F zr(?j$=q~J zy64r+21HrRT%}zU?4crIld$I!`#y}w$~MbP(+)w9OnX6)4tSH~Rjv5$1A)o#ea@GS zd561lTkny=+$$ngn3^5N&*KGc_=nUQn9HDOV`DGw9Th_*x-Oxlt>wt(%UjHJ&Ko~CU-KLdJ9O69ddyKpq`Nm7iXQS`=48Pj$s6ddBm73>;2?%M~i zpRW6_uMylL=BWv+tS0u#S0NG50;S%QbJ|r`(qlS>A}FR9BRO4uyI#*LrdhC;F8ixm zjIBn}Bf;{Gn&rFIit4mI#tf5@?ISt3TLmc9m`N7)nK_56TO&rOAG>JU{CL%NuQqug zFYJuFP36+BBV?jAJ+!vMFuRSwiEqH9kt???36#9o77I9D09!MZptYS_!^48)Iu`64 zU|FV>2=YTCbB8#?;4HPNxd1xnehjRP z623I<)2!2jR?K&4Z7d`h-I%k(qGQoT>|)Ns25a z)N#HTZ&W}Sv4FYvkY|`12+Qf0VIrZLWHKJ!8Lmaru&k5h6e??Eq>EQgTr;>UGLaZ` zCJ&!v=8>_Jj3QBwX36>DnsLm5oUwsb^uFB>IWL&=EfC#m9$9$B=o%5*Bc;ZL%4*v; z3tB{n74}^fb4rh3(~+ZzR2+SGS>JY_oZU_-y`jLaX3_24a9uIqBR$NVEHpwdlbLhk zDw*AA)014f9m4&J4g|tRzCvMStVYW%(M|);qR)1}iY%2hms*Z2c_%X=wi#&VV*YVd z3#)W7M>d&(VRW;C0ncBgdaKVy32BA-uS?X|8z>WrEJmM5*sxT zjXTC*Rveu$iS13NccG@YmCX8U&|L6UO%-wEH4DX>M=W4h{5(RG(cToe|?q+pq-+$3XdiY~4P2v4Fpnq+p8`_pmzs zR`xZ4VoTvUX`1$7h_sC` zx3%qSgtb>b-HUI`&*mqOpE#bwpAX&r2DQc4w0?@KBozP3G3F-Ck@~zr+c>BatC(hcP^o=d^zVib8*uocKIEb{9i@{;Kg{BSF&REyNt> z%7jYqkh;Fv~XFLEc7C>G}=*u#lIUjAh4s?{AJuE*2KiIl~CbFBTm z|NZgtd$ap^=QhA42hM3@-tuZw`$uB1B`p$6T{U21aEbDIN%rQO2@5Oztg~$nu6$Q& z9)#`$SiO^F6V)zrScZ73MZw_co^SKa>1p5t7FP7y8tICUm*>s=+5W7q52tJM=g$50 z$*vp(L`hAISjLFej%Kgmhy#JUn?9@+_snRykNgRW)^caJCusEbko3`93s>BoXy8PG4X`biN1=yX}WHN1vDFb$@;=vlL&s%Ny?u~`!Xg17pbn9uIP6>cwL=QBmuE4aW$>$Gws0W3M79cO z(u!56_at9q?h32tb^}~y#j~4qYQ8x}KBYO+5|42;q=Y^&7BlC2RgnXXtcuhwSn^GB z1W-*sW)Q8BpD>%DSxocB1H>Vt*(KDrXL9Hp87ln4sTw{SXos+8Y(^4q$1B0;%Rv!Q{!nYEk^WE!iIU55 zh$wOX>FlF`6Pa~x16J2%M;?1(Z z0p*YGQ#7?qd|^78$7e7#oR#e;kfK|%BlrLc{9ejKJl&aaG6Fd7U2d#68H@m~QH*U? 
zvd)U#_X{zAp10O$2;Fbi;sm@U1#U8lK9JRsOeqz5c8h7bltGq)3bbXkVs>Z@`54dV z2uTRTRZO>Soo?4?Qf^wb+C%#L_imKAjSXGCZfN3}$l3eb3Sc2~=8P1rRtu5O9n#*u z*snp<9m~{5ST}*p;KGU#Hr96NUx-=fW@6_w6LAj*V?-lM8+I_NZwm4YoY-FPCATFj zoum&bd;Luuvj9eR3$cs>RkCJXrdX2C#1cH^RPf4^)rHM{VhuB$k~;ES#o*488;i(A z#T)zj?oOcF>!1}m<1nzpy%_HqzFnAP4pW!lj;GuFMZDS2RD@lg#ykHyeHVYENJLpG z<6~lgk~Xw9F9KI_kWmC#g&blrgPvhq0lUAs!U&kqWKfA!h(UFwtWF2LBEtM(%3lml z!ImzrThbtJ(UCUFh!0Vrv`@cx`pSyLaR%@p8o}F9rsdl`itW3AzMNg`0E9J>)lH$@ zlPjUUxN;>DX8zz(>!j`5ouutsqhrx4)?THw=ftkJYef^aO+L6fQq~w=!hEyW)}K8I zoIY>TiFYv}-@q|F+l@9++aH5oD`|l{Eb|@)2FL(oU5EL|9{1e>j@gVI2JetP>&nAy zk+4--PG|A3U$w79#C7N%G+d0d z!%)7Hn5G|ia2jmPhkoglEBLXHG(aJFzJTnY#xf>V@ja~qtNsp3UX#d4+gq7}X;Ls_ zZb{m$0=`l{WE9S3)h>kKr|B&{J@S;po6%s_NZ7Wp=!U=*`ptKIpD~C$8NaoW{7aQej%#v6yl}KzHFWJ-xNZe{%+bkDn-3^3VE~S4;yQP zzcj!{_L4H_!fke`Jz&x{SjVmuHzF`o%Dtvey6qK-iH0TA(oxW|R1c$NOV1sfT!n4E zeMg!;h@_WfZN z0t?WR^p%3LrP%G)mK-^GOqmAJ*!wD_s!9{8f>mOpwsE3HUGWE4MP|oSOd(wczzoiAL!k;| z|Clvq3J_yYX_8Kc&yFB41%imYD}-Rcr*FeIDU_BBuXcL{#Q>F+ z*^<2v9iJnLbEI4tZ*URE1N3rmaM5LU!Wh`|0RkOo`1~DI1MTiTm%Lj}V+n!VI`OH{ zot40DZ)}q#7A&vkAeRpG2G1>23}$BaA@*?FT_X8C-J4vnS`m>Demvez#dws{U(qAS zpvFmJ>B!l_ghV4(*Vs=A9v`_JbUIn=`5_fk-Q%;&N?7dsb;dKtcB@Aojs z;`J~@Ly+KI{p=jU^6>-1?TXR|8fIv`^+uSu^heV$=tZXtBkaSj-=Ss#OR{nU-Uqua z+_K7%m71QubYIUx7yT@w1n8}uX#2O9il&5u5r(-cwMD&z%~%pHpI z6GDc`(+&KHL;dR#X;d6c5wxuG-3w|!&!~sX24t? 
zFJ#I$35LSK1klJrPWE~U+FV^jX}j2&A0Oy&t%?l%Mk?8d3MDzFvL5^vv5BzNHKn9f-B+8@9(0HCAjJYIEs%#`S+T>!Y)btg_Drx7e~+Y~}P| zeU>8+U6G8RftWm)8P--GnylCxKvw*9F&G<+CG-~t9gO9_2{?cl{S1@vCJ+7v-4o|W z1oE}oZsdZ76MT#PHW-_WuE@vFP$=N5FD?&jhVoTakI6$vL>9UMj1=yH*|v58w`jqo zDgPOLcmE5-N)!S0oKpde|6(8|A^PGtfMIsqNRYq9{9jrXz&}=`+`lZR7GJITB4zUx z+l1*ERRm(!=qd1)d;6N!kHA-@Y=BfRu%7eY0&hHa9%La*V0!irAlPVVe(8|^Xhvv=nT;^#vSc>_d1K~{Op=FY$NLhZ%kfB#pEf`A|kL0hJxa12c=aT9@r zEzndFE6^yuDMjUucv|k2OSgTBe(d@EX+0mBd>gzsXX%^{DWU5!{q3nx#J~1k0xzIk zbdP@>J}exGu1K#)F-fAfD#f~Yf*F?(UDZ)Q`Wsb^h{g$wF?^Fwfidj}bBm2p&-9n7 z=oT)M*iwxTtyPW8$ErGZbE3~XH$HohCxrg9loUFKeNaq>l&`|`sgDso^&|cA!r5Zn zEL|%4HnTqCQIDO}k34hP#Pf<8f6*7MF!-6mO1H@r9f)@$@v~O4K8-%EYm5n1?Mk`$WA@z)mCP! z?YP4XQT?oZb?quT5O%M*8%N?zjGm38c$0=et`DxQajoutVlJ%oW1x(|X>2&Ae!dPn zFNiYxx5(eVaSv?S{fhgpm>GFP_1$sjCfIOTgV~<1yeKtP8fP{{oZ+yU75W9ViqfNH zo8cjUaAB`g(qqfQ;v}V;BI1Aw{Z==*J--2^ZK@880QBJ*!TCpgV>N=d<6<>pdtSEG z{={)nq$a~{uAQ}2l@uA-=_xQR(#SVNjU~2bo^`e==t(}FYcCX8#x80m*ITZ$N2FqK(1s!|=rr>Pb4Z0&GP)CC zZ_;~b#JY-lg0}lC4#QH3fO3g^Hgtc!xZW-2d^px}KefGiYQADG^G;jj%&(bfeCptO zzCW`%KWG&ZXtv86VBIP#tQR4AdA#qn9<6Hl|DIW0s;wAF;S)k>mi48ymLIf2$6o*u z~Sl}@jd@6CUSQJo2{>_8|{C@zLGKlZ08ejtV3xkk_ zQ`z7IMBDA4L;NjD{?b+e{;`ts|7BTPM*df`2E??X`6d(r+t&Mvy=OmtP1-+TI|?=c z`d4V*)c~<~UR(FlJyy`4wyq%P*eJfRKSE-p!2Nn>B~Z|@|GMhlUAUfeJ_Tbqa4{|w zy!Kw8zwO2P>sbGJ*LVo<(mm9b84~et;<7LGB;BW~j2tHZH$4+`Xn*2_h|i#cB0vWs zONlaPr=cg-a~0u91jXNyw+VSw26Xo6l$h6pD6O{GBvxkrRNDg275e*2Mnp| zPYa+t7hn`-QWGsq<;*n#ZiO}8K+p>~N)-5{?lSpARO%Vv7~yP!K+;Z{E>MXPzW$R( zs4wriPc5Yt^I*A2DI`N@G7e4xiwyT0f*cokP$<`R1cC||QMGb^BD6WMFpz>;I+QNn z!FwEDmOW!s(9uc>YEr}=hdgqs5|oj&53@JKS!H{!*CEvBRDzaLP|?hzEs0iwut~>M zDmK*Eu_d@viAtIUX7ZDpI38jdt2AweHV*tsaB|=~APf}I48@xa(F_JG!_dDVPk*6m zF}?aOz(v0NcR68cw`_u$tBXkbM2}^OAW}5!q5va@8EixUPcRJB^dv^3`Y||aZT|u{ ze(j>Gv8~`PCLtZKHv0I)NyNEaAJ>fEf6O-XPPAd(qs#^|a5BO$#kd>iPk)ug(Fjzj zU_7UJy-z2Dd{@jHtR99TZB=xa^(+S~3Sx&ZTh`Ma8BM})ihE&?l1DVM5X} zTdh>V?G8XviX$gg4C7XG6c}3^0~@QAXC6bMjwcB(Tfm|%nX6%LA!W~>+exQJNM`#3 
z&#=fDc-H)p0c~i~4`Y@%b27wUF!75#J-$~(B#jU_<4;sL*w5s7)8zS7Pt?VsS(hvV zv^u0V_8D-o42C3%q?`1P`)CDdUf(@7mv9|0e7LUhHYlEc=cS<)q3^#$jSaam!Ly8? zvq2!7q|1x8V}r6N+-M_vL=e2I@3H3TPqJ13$G~LIO(qjAb{;h6ac;LWzm--bw1)| zLq_ZvI0>sGHLb(xm2O94?WKK;?J#Am3`;N1;p$niWB*t@of%p3hawpl3hX4>h6U~% zqKL3!rf=NXRy3Oa87LTd?aBJss*#6*kfhk;) zZ^@mHzv^DV_s5yMg%?WhlKYniS>jyy@dyxKI0uVuZvYHke_1Xqp#RnWZ#2ll54`^e4f40WIR8_FEc}486epU>E_%yx zq*|3_Y3ddKuB%0n9cM)#MczJJq0b-t{3la+W1#um6W^&^%`)-v{B=;!$R9RE_S*B< ztNbVLv7py}9Ke0Vn9Z!&p;--xgg>JX*a~BA=ms!CnZR8ewzW zLU!(02wjcmDQ@<=Yf;9Q-k}hw_GZ7e(Nx3LE@_bc-AcB0<~nDe0VAykVH)P8^ z0fa&3o{vMY%^~~V@7O!;9Lx_zt(zFQsy-Eu1c`esPq+I!t^^|oK!w!r`XqM*bqWEp zR!l^$3}Hc!@ulZtW zIDSu?`ajkmar|G_XUzJte%chlyc-{X@vVTb^l|KOPZa!lH}x2Tc@9I)M?eedZ!lYj zV&E1IkY(b_(L;=XfK2^=t^b96Szr42e_Nk1OAYXk6$$?@%a`^4)&6g+Z^-%oV*S7E z#r~hxH{^t~JekV|C#|N5FEXDk42s*=P@}8C)bMPMr)AA>5Y;*Q9T*Crq`OlJO&f;K zN=8-+(~qA4Lm(D~35NiGI~_#HhvmV_;rNz}(1ROgJ4N@UDV@%r?{Ri`+qa-{->nqR8}aeVwT@M%v#W z!`j%OYAG$-0os6tw_A=!YAFC_Qnob!LtUznu$}qtdVjl`KsH@n?fvm*)#u&wHujLTj_}6yP*3Nl0B(^yLHY> z>G48%qOH|VxvRAbRxM<68N3#chyC+;TQOS4wcWOaJoFk+qQ3y32$1OSw4z0E`ds%A6_-j2n{SjE-F_s8aC*HhcXM+-p9OUDzMPHb$mvpx4S6xotP`NAj+=h} zY1vk54$@*pw}dL0M-d;J*7KY6ex`b}fl6fdD_5t8a?vKB>SOjR|6+4dlnQ(lMf}Wj z8fQt2YPhXY9CPZV1>b&Rkh+8Mhh7`Zo76;=-SwA6C);`P-Fg0ax$G|#4|4eDve-C`GD)Z4Gxu{syaTEZ!hUzyB*Hw! 
zLJ0nJ4m#fnAr$^20&yl6xp+8%zW}qtH-ND&5WUA2_7z+zho1x3hx`n%{}!3xB=QvX zz@^AgNrV|+RC$Vqx=R0Q?Lge8Isn;Z=$=tv+lIqKeWA92qL0eyl|7~GH!*KFPb}+4PXv~UQSJKw;6Q2;bR~6D*0<52i z&0?IN*?H8nk=sl;J{-CXVz+u2xd4>T9;=<;TB7Ta~%rhbrp< z{!?T8o*}(7$^~lAY99~KU^X33T=j3g$msPE{DhGYHX}DP$vB++l+*FOm6Zgt&~lFh zlyP7V*ZB}ZA^s2=0Aovk54~ZIUw8udQt#5@c>8vSTpWcAfoXz5&5)2v$}~BOX(X;3 zmIBq;*P32pM`qz7tv@4gMD;sG$)JAIoE`A2V5ua|aF?j6=*tOeLzPk~052o~j+xkV z+5wrsC0)NZ6&`_GO4NZilmexGKOU45{sR)X0AD#-KtsqE<~J{- z9roS#KSS(moSFTlrTlv87c101mOGZ9e>JRs;gn$+;BR`fo6H;as?-C>bpZ=7(FOeT z;R}Mx#66XS1wzN(0)UHw;Rh`3?#B!Kv~^Sj10Uwmul;HJ1VaBRm$(|xJ1e_5Y;F6m zy+HpRV(=jcen6*^psbE6=+zKP`7B`N&jy0w9=8r1xmwKiW%=)9DaXsla#PuGR(E*Q zw7S{dZ^HzfKF^aC0aXV&P81sC8QKoG>9?)!=wBNIRMCm5s2e{CI0xXPAlF32K&MfR z8fvvZO@cj;(fE}z7mY>i0^xehu_qF^$bUW5|c_?^LZLDdu}n83+0C*j>PNK#j8 zvyD%8{J`ou2l_P0*Z!lGSt(X`aXSP2arl5kYAh9|y~rcTK{)PThSq#FAbXLJdvtpd zp=wh&-w0zJfD0U@Z##tT?0L2p-#-9t67xR>`og~A-w~8ep#SE*zLH;mX&u4-v9f(p z300qT75}TbfVeJnei<6YHv#M`jXf|8jO#=Ph;jdKSpEfljhpHd0zg1NR?ki;z;K4s zQ;QK2Hd?m4XQxFB78Ulp55V{{jM0OheXZy*#ZAv&ebN(5;cZbJ z3TOK?#NOFsW0qbLdiXmq6?T@jtfsxr+S45aK}2WCkGBKGJ@tzf^dHMhy5PUsx4&6e+j?by?AMC3 zjl>7@cW82-{?}1{L0=i7MU7wp>~|YLKml;9z}c1E=+~|aXBlw7J}!egJ^LF_>O0xk zdGC&C$*BPw`@i=3u@i?1`Ts3$dH{P|c@xYDObVVAf`nhI~gFf90XJndCaEV!Xg*F$%m#QHF$TU^85c$!!k5}P+dmzwR{ zWUkdeP4rAyE|6HV$$6R3PPpuV3mnn-iPmBeVpuRqXY1K6wh|7numr=5xLPm&~+Gv)^ zZumgXPtP7u5q6EM7@EczAB;@=W~b;tx%s4)WJ>LHkOc%k6+D9b=pt`0!e|23>K0s|{`(fi*i4_w>hBFPP?;39+jnBGRixwn)MuI#2U9 zMwS%QRoIq3#_ts}%m)Y2&m^P|taOj2XTyYB|}+p+@%KEb}&Tif%7Fb4}xP2rSyz@ZR)(Pyz7p%U6K4% zmn~*gRXwk~lyz61a3qQEvAe**tI?Fk>+Pfujp0u8qH^Obg^LcnR+S4c<{eoHenK>s z^)aaB2DD+D$nIDKV}*n*&HM#9qisDBDe>!!uFn3GOgi)D3_e29)v^`v&npG*FN$sY z1+GvERuLr^?`^QsSZO8KN<+y(cc5cKvZ{zRagc;XoLJ%l9;%gNN-%lZXeEz7J+s2ef3YC`?~T z!zYyZL6J{5HXnp*UGcL-`JPg4?N`h*O#(CN8Z(Vk$mIB4O1se|!kMCm-=JxXX+HQY4K@9Hm?J0uqbN3)ZEG8O{ z*YoXUI_AUnZKt;&Vc3U%*k$z^*uJdxssGxe+oI9o5tNq-1>k2htO_+#Za$DkD2?Hj zTTaJC346A5i8{PL3^zP1Hc%hi#Ac-yBYF 
zMtQUKHkjE)C+loY9w9fI@O7w6hjaRUUeZV^tnUZf%qtSpP!+w4r-+O46)}N6Gm&Mb z#u#zQ*V#$|oep<9Ze9)yi&s*_0qz=-Hf8onS%mQf!{Jr6($$!yu0N)Ka&>LE6-!Dx z;~Yx482_GEkR106{2{vhrVn9I1)7tbyZGn+9Q#$dz>t!t|=fZ<7Lw61Bj2G?T zu}cFUo9=b1qIT@C<*rn#DZzK&X!>>eS|oE7D!!(B>(ggg)aLV)>X(ZI;S^zdtn1|t z*|O`Qib%j8zXzX9joGT`=A>?q&dQ%4`;9mo!kiZQ^GCw#!td%4LKM+3jZGFWa#bY} zl8Jf_*W0*SF0#2+i@E#xA1b7!qlEIU>PyeMM`0+#Tkgo$lY& z`Lcg?OGjQh9_}!X77;e?7dqGIMcJ__mlktYmDzi=+iI7acPF&ex<;|&MTGE*`O~l5WHVD7ZX71X^T)avn zt#4$$i!2xXDZ(w|Ai8)nGJ?xFih_1SP6`u`Ey0PUhcH=27&ivS(T9P9F_*TAzt8+p zscvOoBf_SwG#MdhMU*q;cm!dEb|nIAz)N!$ZS+aDkqW|HIa)O#t* zs0k{gSEHf?+0QcQvBA}r#GF`Er418L0%jhrdBZ6z;)q|4Dv|DUgKU%`3ZUMGe1GVA;ka z5?$>FADB;wL@;D5u6HRQyGP5R%~>ozW36mIQ{`Z(v>r$GFk+l8GMV^V$Br}M-AW9C z9&Uk<31>-=GMLyfDu0CvMU5U+CC0HD=A;~m@TvdJmyH@jCIS}(X5QIsEi0V|1 zd$p(;{iyJ|dyBfezcjOxNUGf7+_}`CrKM^VP8jMQ1JUZlXIXFfp^Jw^tfvzUM@^

N$ot-yM~OH%F-hjHaL&pOgHB32|!FMW4u4VpQT#3SM)GinruxTzkLk551< zfFY(Z+P9*f;dE4_?V9r;y!4pkEO%D#@Kaq?ybO98Hbq8_hKExaTBK3)P<4(amzri4 z-q%Ip&RutKh^IojD_|W zBG*eZe?1xK$muC>Nv1i)jJ6WJtIe@3rW`napHbkivFa4u-h+gKSUw6t&>3ef-FuBM z(+nz_tW|i1ah)k5xtzn2X+6|9bBGLWHj>XEjbYg3)#@%muUdUTn&3IV=gCUyBqlqr z&+q1Rbq&?%D#zkWPQ)XuE{Uh$v~^LhNW+qvi+i8n_Akzpy%KtZ{KmVua+p%SaneQg z&>z_XFOLx>#D0m8z}xutb195FE416!z$j$m&h3dj857U0sLYk$vskG*EN{2AJGlVUgxpPj?R>7oQc9=+ zh*G=sI56eC~wxUpOV@ns|&!USR$ZAZ9-4Fq=MTH=>N%hnU znpdy6q0wS+}sCye_YztfpgIBQ05q)xe z4RY8w0pegF4d_~=uur~n!A)!4B-;ieMj~3T;Mxre#6+GAM9ox)C>frHm;^hFTP=^0 zfQV`1p}c7{#sNmb=Y0F2}03T@9RIAR^El>9l20NEz*5-e}dm!@@#+ zzHG8f344#KU%8^5L*nsxoj=VPuUpDG7NzE3ZYW2IT{)KnxzSkKm@4-)rtOI%r2P;@ z?$uH?8`ym}E%ETeNf518(Cs->*@l zANP60XgD`>O|gty`TkriKCb2`ZE{9T)N4?W2co0z$r)H;^DwuQ{)K_doox93M5A?U zY!%Y6lb7%9B`UWRSi|Wvyf2b*R*2Y&Hn}%35s5odI5HH`S|7_Wf_v&;y7w1ISkLAv zd^%S2|5d)|fE~MYWV(9q4y)G(`)v;q8dmN39t+dhaLz1rP}5g`sF3B;g}Mb5n>_Ja z8kbG?j#FZ2UO!SLnBK566YO+YR6>^@r!ftYw2Y?ZOarU@TUoce6i$l|{o0Zu94T`U zhV4uPk`MV)IA^CkB>ysT4kYuVj3Bx6&(!9qQ1Di%fo@4HST!_11hoaqyVkf$vQ zq1M@8>){i({r-YOAcxNCmbM8}p-a)9MeS4cYV9=G$I4#kQDyP!Gp$uyT(SMw^6nYz z>XI_Gy-#@xaTSZy(7k)YO93i;oSGnLN34|2||)+yg9tsIA_0 zG0!cYBj0x9SRKCOvz8rIRfIXV7pM)}117K!y>uK&MVzlec`ysq`av>OC+H&8gyg8J zAa$hBSK%o8r3XKpos$p7~ z)+Y3+(E4_tpi_IiWWxBNF(y;#(P#K9 zsL>jNJr7;nt=-u9Wqqi^H|z#I;$UG|YjE3|$rA@2*2@ouIq)yJ6Zbtk*Si5pc|V|| zf>YfDM?LB}GA`hoC>6Br;tdu=dR`&C7>Z@g%}imDjO8ANWdMBQPZLv9g(j{~)asH- zRiadJC6fMtj>t@!53?EF{RDFP$r0Ol_omv)4zoAAs2;1{w~#yopi*F;j{M0~@XMK9 zggj;IaTh}-1fk}$b5u^cjw-SIPsQnyG24sLKS1hjH4bdhsPxvlH3IaJ>lG)1s-d5) zMrDj02h}+EL7<~S`?;x51H4A<20lhn_z^0T5IaMd-_+pad|8y+Tw?M`c!7o@sFUVB z(j{S9hq(T3b}i-5yqC*I8hbi6`hvYZI!9#U5Lxe8zxp3kYYe7s-Kk?GHRjUCYRvHZ zT2Pw;^iVVx(3eXSp38;Jj$3P5HDo?%^dJ=?FFm|RYFt^;XC=KAl|v zHf2)orJ$d(@vhz{!zX!!DS~9GfD3q0T_qTgjrWd)Kq9_dq6_9f2M>WKTX+{f)Q05dtrcx^zJi}#0ZK-gY*jc*##dtTe)m{Yh}y<6++ zkuU9$JaTt`|9IxKyLH~OtL*@(K7qGa;NnEOu{(qbFow;D;tF42`>JOryUm@Wd#*)M z;|OzMxVHJQ9r!w~pgFzr-UaE0qXML?0r-)!!RUwklY*sSs2kG$YM}f`TY&V#zrJbe 
z>$Kkn6>MRZre>|z?z8LsKlE+lt#rwhw2ZanmNp1x{w`Wk7}_9Qnq19qKX5&WR-f*8D_A{;xg(VO4rzX+xw|2R6fCR4XYjN{i4|>VqHGXsyhJNL zX!rXF$os@wXocI}i^GkfY;z0fdk?!BLtf?K(*KE8NTE*srXf($2Op99twkJl7!9Voy7>KUiH4i@ML^&DdzZ^OV+st>Zc?BYfxp< zA}~e?!2wEGx(C27D==oP0BGFcCyf?24#cFvPZsI(D+5mxCJtlqlR=Le&%?$kAvi(_ z$_msCK>MS)s*kXzG|YK1_Zz+Ayy7G|s5h zMo68VnIn=Zn;kN_*33QidDw+fxEve#4VF0$LdlN^r2OuB+)NWvxJxex9*XlteW`z1&PSU0As813gokVRv=3g!kE-baJ(C)7@N7|m3WSt-Aj%Kwd z__sVI`$OoK99w>P>PaQOC-}%)51m|KyEzl~vW4eG_Omc(hi=#y^)gSJWtWw^9iPyR zxW+1Ai%jV0MV=M^di#uE&LOWF7?`ka8JiS_(Up#Y<8rfVE5&N4)B{`3OTZ}U&aP$o z+CyeGmNL~mO&2)uGF34C<_i${YJ@V?{6~LF(28Z;3f1<$>sE7YYJ=PLAJ@C9`_JLV z)K#-txz70|IK<6#gC+CnQdrzc1_f6j$FMR%s9l6`CIKQOWHdx%;*AsN9OOqb#|lG| zFb^dVMO`((j24v0_9PjN{TMV7LUkmL9cbliQ^?%Cp~|J$r=m=&_!Gh;1AnE0s6v-* z)UA3SEaFxRot$>X^lXM%tHoViJ-s}Nd=EJf`8}~Y|Q;a1ir<~6=MnakQs4^31s zaenIq_+2My5h@q3(A#46Mki=51Xsp9xYAe@?Oq`6OX1q}K}#cZOF$$*K`Y6PY^mB} zphO#>LNR2`gM7LpAEEj9+E&Xq;D(HZnsZQXK`hO%{r&b(sD0ucMH= zg_v#Ty{JhpP44I{u}o5!oW6=e^oaK)D-t+alZ*t%LSM5DGn?t?(km^ z{X@E}EgjA<`31_3zF4}&t}W9DeH!(^fA(Fi=L70!gMOA&C-W+K9D#+(a5WZP0&1C%%P-){2VbrmpMN%fd% zj%m^HpnHYdey>I{R763FvlMJ9KSo#b(Z;poOag(ipk354{Ex1|qZ4=#LU0 zdb1w|ILrjl>}7Ms{GH%{>}B_|F6%f>A61T`EgYupAR3hr^5#6-d}!VYi?w>Uahp#Y z+OYJ}z-@3=4nty$6n^WA|BTorvCcmQ(9Ki3 zYS+;c4@e+y~h_V4s{{g{DT zz4{Q~hu6zK2cJkRy!h;!03V)DDl_Lzs~nI_8Q3nWON-Cv11HT;iH0 z*|$ThM(m(ng!ocDL4-=E1Qd@3fn!LVD+yN>oFY9UcAb<#o7*a!5tCpqpD6Py*+dh>@)SBhV$=rN1oH#tH-`y z^IO&EULCav_E7#;va-EY-c1Vh=Ti+3=Q|Jp&e#66cJQN4Zop8nc($XN8s3~!m}!9jG!U8?lfR(=@TK_a@zRpa)oBgQERF;c<-qUcgXfR zoW5t5x~sJ{O){hv3~jllS5S%4CmL=v>4i%=te)C;FPp|51|IH3`yr4S?g=ZMn(%4oMJ@QieP zmTG?1jJ31d`!9ZLXoa*z`S`WLhD_W5hD;seOj+QUDt>IQxu!-R6gN(D$r%y zNvY3`1xe)IK=4a(!F`Je8BM3hhDXJ8(2+sImT%}ThVr4aUbI+|2NS_j|Kv{*nZQkU zh8cOB&ME9xF$FhgS5z(&y)emKCWvTCL8cG@THXybS#VkJ!>(c;bInB_^ho=_9a&E# zvLWz+P+$>4Y%=jDJ>m}=sr})pFLEf5)&?`@(S!ikCVi(HiA@?$@E~$HyuIy*W_oH-96QHih0JBcX5podJ=D`#AneRpmjyKC zLG=vN5xy`AVP3QUwe?Jb?o=a(By&dgB)6GFd#aY3%8zb3tZ+?wBjBvZ0 
zYraU3B`B$RU+jW)j;G?j8Klv@Hrj`^;jL(;_3wGWDQMoc7>3R{ZsvYu$2QAQgf)_4 z$y=Out$Ih+1UVlqG)-ivXqe3Mc==2^^=2?gID`&@|MR%BB#{Vu5vzbFjay2(pza8yu515z;GHdj zZ!0icRX{Q=v|d(qo$Xm!icIj_`^x5@Okv9Y8s{X5kdoY0^EFE_Ur*TClr${;Ys}cu zGSQ-9A3;MF@{swFjkt0(%BmGJ31{qPrOUO{hl8_xV>(-b(dDyE=~oX?bQJg{jY>5& zW^C?>VEbiH8rGCRi>%U0=IdrjQ#48k)(fy5m3Jw%Gu;1 z#`A+B#95f1ZrTgtlC%`Js6ee>TvqV*PGT`Ek7xpZ0qN}KU(q7k%Yq%EWOKn2HvxA# z>HX4hf>$sD6RMre!~6mM`Acph+NWGjkrhcqX|30(6&GjdDl99Z*@V-x6KYqDxHikWv^S3amzg1&)?|L%S`z8-;&#^?RcVRt#_^791UX%9T3Y_bA{$JI z5fzK4sCjsGd1CIYP7)#{@1CE*_2XIkSzT_fGvOLF9`{UxlIAk)6a`XHcTZ1`ZrZXv z8dlk~hjIth^;Q?pCB{ZE_hZ6cgY9(WWD8TuNk^3=_a&8XU$c<_v%tEvGZIT)pZE{6V3X!I)bmhgrVIb)Sh~yhyY@6NpuQ0MGlv3(U zH6v#d9CpWymAR`j2JXbMRoa-t>iY^dwRjpY^Arab5gObBwyseVCVwA)*#`@)*#=Cg zCq&&yPDvy>xGjLwfw^(4g*1S0XniujHQGmMM;JZEQHg%9kE|3_9Pt-RZEr2PJo#sJ zb@jeihbtdaR|B{5ke>ij|LucqQeN#M78SUO4yq2=Zfb~@9jxJh-qwh4S+fgl!}t=ISdXw3!$im%S=3}5pNFg-(=|XaXeo~RCT09gE9T-%+m9HFb z6P38;78@!Nut_MwEK(e^@2uKq1!NLnf}eCLJQc7g_@BGxL(lb1%UX;J#JbxqL=KpB z4>k6VYSwFO^$Cv!BRuT|*5KcZOxR`T_e?RwcfTY4;MRAphAxuDy-u)jiHz7t1Ym9G zAuQo1LV6gGosM66WP#Tqp^r;Ol^h+<+)UkEapztQo_#O#T0`NMzOGFr%vd?-+v3>{ z+3}!(WcXQ`pp2-D5B$DvEwl!^;F%Z>kMJm_Wg#gIx0>+mrQ;To4V9e%))Iu$I?|NZxeK z8I;>G)y7&}y>3Tcw{P&l+XZXRtNHm}>{LK)YW~?Zdf1Nz*Te6k{(fET@BjY3yw&|Y zd_P#1d)(W$N-1T3u66yW9dFF#j>p0A+VJwa6!!hBWM6TkLmFkeoQiF$v4xyZ6&ZfHRliYRQ zTe3Rtg3cy|ESO@F4s84L2XW})jI1kzu;GjghNYY~^Hf-wsJu=-X?o;L?5i_b=LR8z zDd|6{Te(Nc^42fC=be!D_{}lwAF48$i}<9lEge0&AgR@UzE&=acOCa#QzZ`4gxzyes2Gt+b-N#`LvNwJCQjScC2(V8Tj3aBLNO^f1HhBNN= zRXox36)OG*hu}awq0Q(;g&={n&MFlytpn* zzf|KN7Z>?_32eg2>4O%=9DHpNyOL2ssRBY;(EMuF1K!;O5O z&x0){O9SIz*Q8DEVGB`ZdmbN8{s=b+3{XX-hTOGQw}7d%v@+N;Z+fRnYaP3h*@czwbmLq3+GJWw@+Y!45U+>AG_GEys z&IoCCG!3rmCgE>NMvI^*J>V|hu3G9Ak9>?#80Zz;>l8em0#n}RS7?))@v3nmmqvWJwKy<@9ex&0Dca`4Gwx&nlL#zrzl5P@U zN^^zAq>-b@OG7Goc|D&`vz!GD^{|>QinhXpJ}rwD%u*v^vXbMi(t3If-C4oLTc^@6 zgPXb5Gi7GH6?viKJ7FG)DiraNJamw(UglrSc>rcU#p>U%FC>i4Rrh+1L1wz!9s^c9 z8L5}PP|H{~hvyz!9n5KpEOk=?i1;W5R_(nY7--{>of6kKH{n=lr_#NxDj9Ux+ACi8 
zv-3CwrbIq$utb|U?<54Sf zwQ5Y(-ugZ>s8r1QaY7b$9c8s94qOVpmww=guiVRc_owaryTQf)R0D_NdGiP55 z9WYTI-jkNs)D37&ZQZ3ZkR^YXz51zhDhi3z&2|~Yxlx(Sp94;(xTxo4n~cWf3686y zqhLhKjSNVLkbElW0JCqR48adjzeoP0pp`J>>>wHme zxMt}IpBs8q*{?Jwy@p;BsXzO}#9aDQ7Q_p^QY}x3NKGbj7FL#v+2c*lE~JZ2)5MyG zH#nF#;WJ7n#DQ-f4kTRY|(jj|Eh>$=hm8rEPutuclJRULx^< z+9ZHKpB+VdLh*mw8&7{Y_hLei~D!P5yPnYIZZHK8&bB&aw?TF6P!nGgT; zW4SyJ`8YRb|I^TB)M%Wi1w*GQ9Da9TEG<0j_Kb;nDLni-bK~ROiT#i0eai7)X{#R( z_m)`iS8X&qe|M7`JI?Op+!gvO`#5*uS z>8gvhYCk(R#%s^z89D>$7*tJ)x7=LK`17W1;>zL7yy$cQfj@Pny#8>`n(Q?QFPcg- z96|ijd*0joOlaR_p67Z&?H&pD8mBlWUMIqQMRUB^PT;p6T1i_$t@n)e&88J)9EM(f zU@TH+JPX{sqdP4XrTsAOwx*o}rQ2T~Yb0wJu8(}#uD~i;X^70K-+FZ)2iR>y8>pGY zAoV^72p_wMBZxZ4U}Q0eK+t0X*eK}MFRbKMo#Q@MSwsdfo&_CD`J>GLqz0;=rN@_WNq78k3vYINiXuR zx3KpRNzaLxm}5nJZ*)rDEF~yxvqe>v@rKFIDzJXkz!eTXML(lf;SiZ~g3`Lrg`l*_ zb4VeKnV=+0(|}AA86YL19j!MH>+hbAh0065Dul##)tIl=gR4GDAz0V0RJD2A0Rxvt zFxHk-wduA-x)ZX`!WJI>Xem41c?l((M$cykM<7d(J>rOj4li1wK42)cz%1 zJLL9b^IvL5ynX`dhsQCoRbx#EKXXSQC*Wvnk4#TjVn38}mpf8q7LaYX|8V$ywt zm@5*$`0c?~TJ@~CR`gBYYC_EEfvP6t_r^lb)Yc@3u=_ZAp?vtlEmW#sRhPBd&u%%Iu< z_&_R`-=UShbM}QIJCa=(g~+BJYhM(&iU?yqVDCoR&-W^WKXG`)j<6{{0tqzBh#oo! zg}Gl9MH!l!B%b^Z7h?~JlmNfWC!FHvj9OXHFQrVLdS~aJTIX1rAn6)}%^y3a+-nXB2dpcfk+4V%QViyf@ z4Idx{1xoy?)EBu#DJ(#LJgo|)N^?v}(h{TX(w4gN0QX4dykCQ-@!}!?E&t_&kdC@Q zX%Em|JmgIZa2{UP?rIBVm~8V~keOoko&E~}jT|S~j4+p_8$$C95(}qRbSTEuo>*}@ z1Ja(=o!b8y2~=sK!7em>AE>v*-(C)sq|j6D7lbGwd@)SA(bCvJ^_zt7Dsgk7-j<(M z?IOTlslq5Pr&}==YAuSBSzJL>nVyQWBP#!(JWiAHMMm{TWZTO!xS{ zAI9f>n+?PJBmwx;>Dsz7Toc`{roO4=5JxmH;F2_R_MZjYzYSppH1AA&oUyJS6$R4? 
z9y6h8Gv=7zS=~9Q^LD$Sv-OqLjpK`lKa$fQ`sA%?J_6rxy5_Mi<1q04Hk56DLv8N@ ziiHvjPOF2@U=?kzzx<0(=KN3qY)5c1r$>j3y$0Q2W@`{YVq2$B+nXfW+Zb9H%eB>Q zWkezoV0e3lX(DhQbB9VvdIYWiyp}-@lo@JPXbTpr?Shqk|-O$usshb$WJ@T zp?hnpZ$h3jMGhH3+}bOn^~@{2_s2;v!Z@@b7q1mq91(GVp>X%lQi+w;1-JCjRM4)cfK6VhaHn|z`KF!k{e z@xql`Otcd)=u@i&x4Z8?g#95i>&p=5Dg^EW6iZafr%&54)#3PDR5_7Hq}l-6eN=L3 z0f&@qLesHOCn)`-Q27w^Y*hNesN{`t@iWcBXNrZ-Gy|V``f$?u|3tBz|BiBh<1kN; z{zpC(b^Gtw=IMVO@PB3)7r8|rbJ_e4(kyy@e$8UjPdsOTmG_?yN+u1$NOH=_Cl5Ue&=gSuZIG^Z9>A-+sjgta5$m%3iJubb7|^R+f=|e zb@Zqh1@+iL&6$t$8L9`qeM`p+<{sd4ZbrwN!e?9-bfyZDNQnaJX z897Mxi4(7y71^yD)p-!QbsJrUG}1XUzbDA)cGxu?(3-8fBr-ze&=AwWZ|9;Heif<_ zCY=F?3Y1v-%+xC7Nit>C)WmaFHi+cj`@`Mm%RAL1^EcwGy1q z#Rq~$Q4ZG0cmVU8kl56D1nIq2Of|K1?pyxasfHhf7+*(~6m>%D>0MC{tw&|4TQ{US*0j_o(c?rV*p=S#{)xnjFx zRg*vAT39n(EixQ$B{g|+L|O6aQh-2Khj}3*vwzVN^%Sbiv1?jui{`Ed%jlbD=~ut- zHN4f=ahN`%#;_8-jB4@-j(uo1D}p}XRQ)Ew+e8_oeNg3%`QbO*-zaQOAq7fjceQ-P zsL7o9&!MiawlS8b32Ru`Rd`{6+&ROfz@Dp4^g%1*(>r;?Uj0l zeHaA+{}#t5GgXvu5IU4!br}}r1yoU>t0QZ24M6GG{l5Rv#K^U`Wv-!`D0>M;M0YNr_}@yK;aw3L2DUne z;&i|Ge#DlO!h|O(>|`DZBlZ9hsUc`JrE{vp)`=&j*gm`fR_gIXLp&?o+FKr1e;VrM z6OXDk5XIG3!%u^X5NOcxA(^HxpUq^3yCK&BuT;t5rh{J|K5Z##pLP-{wdZBx>yr@E zmoCTsX3bTGwzs$Un{R1Xx_SwB)>C@!Ka)RB3mrYJA_k+$-d<1Py&Crq#5=78@X_=0 z1lSr49PJYk!B4)J$~221h!0Nr9M11>kI}+MK$h(uq&xZlG#4bJ#nUO4cY^=vQznu> zOmDxfs6(u8?)wTzk`=XN6uM(4^|Ch*m^+fJ%$PJk88=?j-3s%n*$UKdX(6MN(659v zV4=NbBO2~(F=$H0Q?ON*>lzhIhE!;&9^hN&O>o)t_nwBhC35=A@IhO`mt6a;uBvPO zQmct^c;K{>NM%{PHJ7#A7BA&~2o77%yg^$QamhN#CsNGiq;LBPq3ZSIeY{-8C=rcb zn`!keIap~r0$FSVo_iS3$klbNbC&aNpdVGD147(#bqOv|90o64S`Wsm69ju_oC?Ty0jnPvB3Zz~J$4v?Qm0cSaORnX zw=w<6)`7!*0d4Uh59UZ)k8(K&`nG+~?+XeGYj!h)-~>s4-ovv-wPNTju)w@o$=w94 zoPxTqaO9!TVCoIBJBvW9;0d*qNRziQVvn#=lw4V6QxfTE_rfK83&_e~%mK6$xRj)2 zbaGf-(c-+9XhZu$Bg{tOHWMBv+&s*A)qIX5X#Ll!0`X*~eUe*CA)#|82hxn%<;qp! 
zHoJOIe9{iZiVSkn4vvOKD0$|eo8CJ?qitFV>GEA-0MN>daCY6cgp#xH)JO}LBr~n4 zn6SkFj9mD-o^BG=Gb;Ku_!MH+30S)iFdu2K7U7zP<|?X~SD??1nR7XvXO|;y!AyWx zei}+2l4D1HK~iS70G3GF(;WCIk3iC(hZyMIc@{rvrx7G~u?~dj12i*K>oR|UvU5LG zW7sbFazzJ%tYL4*$IeV78AJ<+4Cug=;J6$DVxK~&GfkT z$`?m}^xNGO<)lQhy26-@_p-Q=rECZAm0TwPR?4l6G%E1=I=OHr0eYGxN(CL^>yPmT z3jyR`dgPZ7-KlB$X8fVh3`$;C5#z0BC;mH1XidO8BM;{Bn~1h9@nF1QayC@PtTIw~iT! zK`LpSR`Po^n+{}s(~kubozZFAd2OshT+CPREVQnv2R$c|9PeW`3c$UWB*RZk@#`4o zIdJz$5sQcN!Ekc3W5hrOtE@yjz*putpxlI8&^u)E#wea`gJl$IGD@P#9x>7-_dQdG zRI7wC?4z6TS5bi6bcflf=uUT`BgUOP|Dru)Vv@41`35yhEuhMtP9=7S;rlxTr zC`SeN8dCZbP}j)S264f;pw=J-wmLl8(ciG)SV6BNL0Aci-1 zFsyq-NaMQWI89P>n+Wtxn>f>0J-lH}iRr`4CaMABhj{ClSMem++%x zN?hKYLAmg~2#qY_PpFa^my3qDv^qRsAPtd=L{u>g9Y*z`xssZw#zk}ywdw6Yu%&iv zx1kz)^Ha2yv#d}0F!0>$O9b5-ZVhKyVY4Nm{pin<3TkmsMoN&s?owxb+2>_Uk-Ls$bV zD)DtTKfx+Y+E(V`a<&n;!K5DtAMon@KLN`X{huzq=ThCd-h?{Upb7bnCHd>!YNtTBbxyr$A@95W3N zixLcIy)3|U@;7aV!7QEvOfmJm#J%$guBeg&SLvn_zn@&r@{~qteZ$R=cJ$O&31cj- z8gkFEHH-<7()_KCl&tvU0ZJ!aUn0n0=H&njX$(CA63^PWPbrClUirJbv(l~{797ya zOZq`?9s6wbQfxDHIB2wCPu!sfp+zenX0}*RPh0&s7GM-T9O9m%!#PTI2+uoxlC+ro z^kGC6qMN#@H$ugX8;_(YcIxYGO2+2FX~-WEN1PV^(`ClTJb=D z=u7In#$R_8@`}<+TYGL@y-vHf6&N-Qf=ME-sbO1zdkH?P$S#*5u7Z;o1d|}D4qG%> zGpUB7ID1e^>C-S0q4}>o6f6DDl`8v(FbG&Kf$gS(ypBbp{JB{AaVW*Ys(`Ofbl*=N z4eRM^PRV(SXiZDaH<79|^>iK}1*4mM2FRUi2L7E<^u1&9*2tcVe_h6|vw_~3Dvqr9 z=9)}@)5)hl0nw6C>030UFZ2_~G;wrjKDKK2fk^Z*4wv8x;s6n6|%=jiBzjMbB|_# z+m&bckvba|W22;B9X|5B`m`sibQ;vIFS>k< z1C)ptDMiK9rHa?*yG##5G4Ek}#12MpxbhGF<5G4v1CTv>D~PwhqQXy8dm(PUV*O+< z(Uc1~B+`)y$tB)lG>zU18qpz6pV@Ve5Vs2WT8E$dXRn>1f7H2@DUAS9+3tPOY(l-=8lsv<^s0OW(+=1tQ0>wENfTBG=*p z-M8#cE54fdQy~OUntR+nxPJnU3b2ohf#DQwfr_4Ky~RJy^Yb0qm?VrhaB{QX9!98!{(q5aT3&>!}skV6``6T19$#?CQ_A~9ULYR3oB%14rir|a2O9`k4&%0Sd5tA{Ecch&RD62pAintaP|)=) zIEcWXW3$;YN}mUi$x^`28vi`{!&l2@KE$lVuZ*a>eE9Y$xun`%h`_=X^^u5eg^0B2qkmJ+C~#%{d|B%_o4fNm zkvFTavh}~YlK|CS7T~xXPt5I`&7;g0y?!ih<*NBL`zrqdP$=+qqYx2J|CWNsHZpC* zey9=@o0b!Vnl$}r##iWd3^0aUCE#6Lg2_~_Ku7<=lNm~`HR3_-_1ayXL5~|dW#h<{ 
z2Ff*T06}+^X355rY8vpRu$>EU-dAF1qMCQ1zw!sbjntU5EWHmkEF_>ZV(-<_)-8ds z=PXqau5SF;4S7!&A^zAZ6P1pe%rjUG2JhK4f>bqofiyLt(o=)d zwT!=lVUa(>+(^#VA1y&&?^M9IrDS;>9Nu|Ji&wH*LdCmoQ7}L}=*y7o&Ah}o$ z4W)F*y_$qXcCl|lFSa=J*ZexsR9_^D9IZ#qg5Zn6dE^b{tO&SYZ$4G~?HfsDH%STR z{sCx%3{2wUKpP{+gQ~#vc*s5y#2^>_tD&SkGBwD)wv?^$KU?{w$*od|3oi*NMIErq-9bB`daNzb+W4$1n@O$J!hsTD7J}F={8_5EMb%Te8oX z3ibopwQ)PB#O7al45$X6m<(Iiq{#IQk*l`)RvuR4vCp(PxC2;t6OSiI# z1A%AL^y^n{a&$wheE86j2zAA@VHg))w`+y@T&9aM)Ix~qOQv8j3Qbio;o(sMsdnnA zU!F&_$-Wc*Tf2JDbBL2D=U-fO4LjX8gB{kUnE6hfrIc|cSGv5oHIdsbkvI0l2PJ7m zwb%t@6pOC41SO!TC{Z5*SrDjxH=1;T%~*)-c!9xVioDGUlXFPjFqEJXRJnUUn4|3d z(N*y5OJzUBLwAP5twE6K5ZqjzMJP`j@Bd@%o`PfxyLCaAZLYFy+gN4Wu3BZSvTfVO zD%-YgTUoYG?SJ>#aU!~}y8CYC%$bpq7dhjb<9psQuvI36LVrtH&YLBhXJ+ZJR=9vl zQaMx8dPfN46OsUypwl;wGqEOgW?|i9`^_|Tl9^@If6qPAFjSFb#xMl7g~ zw&D)l_wRIfz5l9F*Vpgvkdz8koQI~0CxIX4`lBLMRNO~7$Mm0}Thx-O;j;%GNU5Z*1zfwaCtdw$^vL%}xU;_TW{K<`4|Y`xxDZ5zt#Q zN!qYVS_qBn1j?9kAPK8hJr>SphFR^IVfQo z-KY6Jep~Ah=+l@uz+-;=o@>lcb|};eyz?{<)Ug9QL6S~*R1~gHJ4GBU7YLqn>3Yl8 z&$DDAKT!_J(6TBtmP+97*CcMYi|p^b+*SAQTqIF03W1*ofC1IVt+BD(uaD!J@4t?B z1F>AZ+n@MFyb!^jqDT-zqX}5IaU!Tb29ITt1#wlgH_F;E?E2Eh3^gADR+@TxrgQM! 
zH3_St%HSRpMELfkJ(orsr^|W`@ByY?w!a87C{}%2&&MUf7l*K>iej_h0avE=?_~U_ z!SnO*Pr%YZ(3vh@qmN$+6AMmT3#ME;I=bzZ{uF6fXyuKQ+e5js>{yxor*63dTH;(% zo=cisIzZ_+F#-Mil1GL*Y4Z_T`vfOqTgSLg@0ai!qh_90Ut{NN8^4qdN*b*RCx*HR zQ)|EZ6RzMLbA8%Zz=w$NfaMCXJ#{C51JhPX zu0VN>f@MS-%4VW0prqMiQN&IDh@nXz3Q50lc##2(zxXEiya|-b476%d9ZfTi->5|< zc*=)pg!Vmlxe7_80`u~+{KsZBSbFFy*YkZT|5LA)lkf3ldOtwy;rsMK_`c0-n3?u* z{C>GyTRS^*_4Rolnp(;vcv+L*33qXd{NeKtJWt1=GQ{TQxu4utZm|KoLnCyvBGVI| zt{l$&b3118z30l+#2k6CC*=J%-}$sInKDRbr)C+Qc__XrX5H5-z{=+j`KBZs%^=M8 ziwwWqFlh9+En8^UvY>Jc?+IT&GI5nz= zqd>V;1%k4%qEe!MXSoIj%Ne*_dbKx#c6xJ!m#xTkM(PM6@}Q*&wp#gxbGOq#wnc)2 z^4 zad}V`_t&K$#fw#nh%pNu1^*MsxQm6`S4m`iaM=)T@F&HcrHiv_kl4^`Z*xG zB*>D*X4l8pUUi>1--1jDov?2Qlc85R6s?Z;)f>?2HeYN!eFC`&CPZ_cR&3u=Q{7+q z9*;}#+IJGw$lTGM6P|D4rw%mre7*A6^WB6r&-6bYAWDt@!oe zF$qL&UsI%kreWpn55JvG5%Yp$(1i9`jzQGD$>ULf4&4n_Zk8o}bNh+w9_iFcBqB_m~lC|Juf~zN3 z$u@Bbt;odwo=WJ(dTfBOTIz~+@E@=Z0t`d z%W8B2!6#;l${^|-3wh}-O8v^|^a(@xD%Gv1?(PW7JM6x^ufKY{)m~BQ;3bKKI|V!| zdI>`>F`z;hY~&4~7Qk-IUj$nqJQ1%bo?jWB9S?2paTEZ4G1F451Uxbb+S_J?^IKRL za5zM6Opazm)EmJY6l&d9ng4pjCvv!rcA!`>i^2%DmfARrwu;5v%Kp_#&0GX?1~b%d z2<%Y=Q(M0BQ#%v3J%@S0T;=ITLNxqD2;R9Lo9xu&Lj-!;`yYqaNW!re>S8n`2dTSp zCn?Q|NVRf~#^6|hYwR3X(;o88efq8M&{rGGpJZX;z7@c%)AKRf>nSLx_^@&VJp#sg zqGajlarbd(J=2$X)K9@@eVOUU4JlaJzTTfDKkn3D2-Ur3Oscd1(*n{QbCg9X=`12` zYv=qz0|a2DgPEp1FQpL3&O$ATWN~B|3J*ETO2nxoerDJh$7qK;s;XF9Z{G)BS;9E{ z6;Ee$hocztm-C0sRojTmV5qi{GSp@Rxj>b`cyz4EZU2J9RGO?6lEI%+Th%`SBWCu5 zPdwYc*?g)&RoROw**qM>c1jGtBP%uD{IX!la5j(h{}A8OBn=E%Z<}f#Q)y10ZOr5? zb8uaj$xprk&2&xt6M9aS;ggMn?jHGKu4uF+w>5rrF4R5q5gVe9HoOCg! z)7sZogp5NZEGhTs{xQ&u;1k_?rOQQ{BUU(yg%>XMGE&cw1gd_b3V6mf-PM&!TMd5* z-xZ8Bn!BruO!^j*hJ0=49*PE^t^dMV(E^cVtKCFJ9IJtWkcLP0!vz_|5t{;ZqjgS>-r? 
zO9f9_1jxUA`uPg!?i5?UiH#U8to{yEH{lMwlD_k+{@+X&ta&m_*}Xk^J)CZK_ycZ0 z*UQRuI#HU^j7{R3kM^+>i&L||X7)+(?0SgK4QL7Mg9Nw|61Vy)S^E4^iA9-~u?W?Z zzg2KhjY-=^J3@xUhWK1~e6w)son9QcwnP4AGa)&}6@i;~+g&UDt;kKcI=T(&GVEHm zTL;1k>M{HZEP$f74HCWy)a3KiG;AI&H7u(cL|msn!j|b08XIuyTPvQ;S4V)y!)1YQ z=iRk&UdiEOfi4;Ocwi*=d&Kh@7w`J_$dAbSZ=UsYIQ`?bexO!cARqVk@9v+|BRPc! zTLJ`$cE_h~h`Ik;eSO~F!u%Hj%U!+A`G~mJ)5ikmXK49?=?v+tjj?S59GQ`{xrZ9_ zaQjy?E}N2SySkhR5=>skP#_4j3W(87Ogmw<(#|zvp~7*2FdS9zX5})gf0(^d@H=zqSRLra2z*cNjGUWY+9}6kZDv7@e{#GN?mlm@zX95Yu_aa7oxZz`9ZG1`qwB z8y>Ic|1;mBwis;P_t>I84&LPDh>H2PQyd$*hgbcf7*2JLPHMlXbt;cDndb_(d3Rtd zi7wW2z)T~|ysB{*T`Hum*{}CJ)6S-pd+pK_IDd!AozG|rbCayzv-;<3He?y&$Rk{t zoGHEfXEWv{6h0k+{jI+SK=);x`Qxr$H}c=t63Uf4-J$hmhC8{ z1QAZOUM8yc`oh91=n4NaNeYU2tYa zKkZQ$Iqx_LHVZ%O-2Icwh0x*BNK5(H^6uvTh|F%MsMTnSwX9Ue6+}tB;{76+iG=aB zq?__VImj5k{&fP}2wgNCZBau3<+Dra)bTG~Msy~S6L_p|N_TQHs~t;!+>VOoHBfhdPnnvaw^x=xL&x%n{7N)OPN0-Q{91$_o&;Q*@=b(?u@SH;V&;0*egTj zwn-57H~dm&t~@dnHCVTWMPD_(Gi+O-kkra}cSjU&A?)yYkqLmBElHTqu?g)H z8%G8&v}O=7h`|+TWTp3%d#Tu#bQ?)AqPfS?4-4^Mgpn}nI!&vBmubqN#6uD$`Di~B zBuG+fJ=IIWdIDP&uNebbOWpSRao@_!7+b^C*)2>>k%r-KH!rMrg@*oFI%;t-?b4Ay zR~1#(I2_Y$t{g61Z*G5cpvwtNd#k~VnO81W5P0ZvZjhsf`nJk}zE|1&$s?Vbmz~=A8Y;k0D%m^VSGWHVb{N;r z1J@*0KO3dp86OTlh&Hm}x>HjQ^Blhz>?q0Xn$jp78$TV)n_ckw2uH3TJ1%;>|K9G{ zbw{w`mkx0c9-{^Y$N+2BmAFPJ%)@*=FN>$j@l8oEQsC?`mb(jq_Dbfx-@s<_5u$@G z?()G)$6TPb25B#z2&D!(53lI=w1u!vwENG?Ofvh;?7_ogBnma7&t>U^(S1S1qNo?` zOR=;jRh`U&x8`)E4SYvKR#<4Viw`{n8*lNqS3o8!be9DLBgu$d4N-2j)Hl)qr6T|A z*d432=Vw&839(mdGASwRR*r?(N)lz3RFVA4NXJ@omg7%_Uu$);jY(1Ds16N`+yX}Y zPNZ34e*8F!6!5ysMdo{v1bXRkYg-$tjc(Ug-_&=CBku2aNt!+d$%XIVfwuygb)h)R zUNee~hHHn3pHQ(Mb1dkp>6$Wpzgg7X{L1Pi^d%-3&Fu|)_13W(Lu@=*_gqzQ>VNxb z=jnJ)1Mg#%1zEU$^m!!Ayo~f=Le$}YiF!LvN zv4dck;cSFt@!BmW$^{hawZ)pp!~Y20?wEt?eTZ`v9`6a3H7e!9ukDcjV0VOCb_JbOG+lG=}^1_ie>6|`7q1u|8T1R18|L`p8apj70de{Y~}vJWtI`k_j5cF zee<99T7H1mkND#M$~G=>k2)2w0U2Ui@cRC_?1z6n|2QxA!`BmKyO{K2k^jE(e{9%) zf204ks4d&dIt4?=+hOwNVwKrp*L!-8mm^av{S^8_+WWX1F 
z?3gqa_4q;csgE-N-HX7nt>fj_A@ECncE_s1M;R>d$(6ap3oZ-%Bpc+3XMY50l(YL8 zIaJm8UtTRM@*5AD(-2JC4u*eH7-#Gv-q0u8k=M+itJYewnCOwiL(Kg^T}!?M)#zqe z%!ZsQFyd*mQ_Hj$$+R_7<4@h$P?Cr5Pxl{h@AMP&&rO(Wk0diUc}~FPIiS`DfFK%8 z>?&w%UDHR|Tbz)$!D6g^I!Z_t&lvKDn7eU+*)pN4G}^qHSaV$xCfXeqh$&S@a!f$0Yf2CTCW{Tbv3g){{VlE5uSW)wAKHQ&$Qf?zgO!%E1qaps|d6H zOy7j~0O5t$n$WP4=k!NsabjIHhr|IG9Cs2n15J%5fAfD*>?vo~G>nw1ZTL`@a{obi zs`rId7qx9=$7p4$42&eTJ#^ffxUV&boi8sR=8x@;*G&CJZDGxFx5;$8lhqZ<73Cyh zNd*C09u|U+&b_21?w070*WgI;wkXdi8a{YjlS>WANWf2X)UjT#`A+tcz9qb76eH;=x$K~y(F+-ddCwqwhb z#aQT#i{Dim)YpjMp%4zI6`~s3XN0EN$WBFwX1ByE^3x~?1RzC1W2z$SB)qS*=KfRV z2iH`juO)AE2|{n*o;0lbW9-t~Hdo->x2++exu)}Kxe-0FtN``O(RcN2wp}z@UqEw{ zBUVoT>rnX8CFqpb(>OB0@#2@ew8dZfmVftF5KF7)%6E5gZkg2kXCtzs^3$Uk)OY9m z=XNW;U0)kR7cHsRqdetU5uJJ9(tA}7L;I3+jO?|HMHzwd{pf8c1xe4;*eODiM(jai zQiCvB%BS>+ty9lRG5rJqtn?EnrX*Ilwf91<0ZcT_7oL@^U<#}6rr)L&Auv!ABeIQO zKIes|i55nvY<3bEIlI5{Sx!(MzdmuZy1lN_H2 zJDon@o#KR#f-gEgN_C3tH5Dae$1^Mb>w?|uQzDl?&g{6asza)88TbxJl98}s`+d(& z>1$^qGmGAa!ZqtSk6ba2kEH`Rl)BqX==pjDuT(Ti&h*g0xEXcN5A)zyrFUhf}u;3$_i-^a(09HMr#aY^-*d#{I()+EWB(3Rtas;+~ zWi5oDP7vmubtW*+4YGD{h;$ws_w?@oj2g2d>0iMa6bDm#?hah`D_HACIT$C#2CR#D z@QSY5Lu?6PMDuEVQwRH4D)gupudJ`Y$omq4e6;Fhv z1jhXJVOzA7qNK_So014Gr&n&NJ8&*GV_wkhfaPQ@qvQSRsut(NM0+}WjWBD4n=DkK zaLdTQt5yqSL92je6_Uwpr&Ram0#es5KGbQo^VREwZ658=_>>*WWf_!|9b65K5bEr` z+wKP;vn@th>3;_l;NX?l;oOEDi6y6DY0);WNoHD;F=6vTSUD&SJ)M-Q02=yr#55Al zDR{?E2p=h!7U9~4#%h|F7l_Z!nNua*C$}Rn(QNQnVJ0d+vO{MPF)9wvK-LJxi+sds z&j8BM#~7I21ulPTmk|^%6F##ocn`x<&;FJx`MdOw}0`& zi&@T)tGO<~th76sY19z)4f0{^LiCJFlq$NyH{WB6e*{qgdgNE|U1^#5mI7gjY|36& z5u>d*Cw}|N7>yu;BM)W?Tku<-4yh#3@hmUea{NR>(dhvf{akRtw3o0lTB

^_B@8J1`Jz&|QA86{CQ?^vm_``)R2`V~?|j?pdD+h`zumV+EDoR04< z(lrA*Up2HeFhuh$5j6z-*i|Ue z9a-tfs?u3~2+>V8ZSUGlGvA7B)1n%R=8NnmLD$*71XKbY78N~2$nc;HmA*w*i6VxM zo%jU9OY}fd;`Y>_6ej}C7IrTGc?;<`(g(i>81i`zYt@=FxG8Ir62WS&Y%{vx#z!u3 z)VTgy%k>YYJMh4O+Ele1Na@>uum&4$MhT}scXP_R#qJ8A>D!zOHorgBnhc!jrPZu5 zLLU-H%dGWvTq@J>wltd6CeYAYk_q$H7wACSkW6m~FgSN;@a7Fi3FzW1vI%flP&I)I z2zW~+COBp-3L7|IMCM6EON^Pl1tAE&UhEWy%ygW(0gr8acX0_5Y71uJprX&b#zYV7 zIDfnUu*kcPE6WSpeVQ;q=y|@242a9QV?FGjSWij#?An@X?quc~_dRxfQpNfp3=!>| zk?52j{@E%u84Z4Ga5tNWo(mIW2A2Hbei1Vmd<{EIrX>=}A5aQEjMT^?{z5FBb~&$) zORL2PfzT8^PxvMMM~6{sWUiz-s(ukiQhjoJ55CNa<0edZZ+4ola*pd&9|@74XN9O! z$G!eED@-Q@938(?Uizehm`q=oEU#Il@{b6|F^c*i{cS)Mr%6~$!jpP`IB|E$Gj0u5 z^;k&Fa@im%Oc?N>STv2~h&r%bt@S9M4ZC<^-Vk>GvPxXN4N$NKilNY1jZtMKKFkaFTVd|2!6Cy{{IQQ{s(aNx)!8Mkr4#H zPYB7@nWE_4GH5nVm}{+W&R9}24K|p5*~dm1#fX9?wlW(~ zPNJk&`?SBO)3klqh1548iw4PvlgQ zU53ZyG?VheSG3|OQA9X^yx6GP>X+lWDO7m&AaSmj@tS>j6Tuj$ap8T~ykvn$*NQh^ z2iScYsoU=$_c~KAw$Jo1U~^KaIU@>5{T0DFSbm0$m@R^=3&ei~Bl5fT;k~9%iKzpq z_x}*E==H5_+d$Mx2ZKjnF%&ic?*7TC$ggbex^;HD?ATXfSu+Zzh`FRiZUr1B`YdC( zUxc}ePT>)aL#aA%(PB@hn2Zta!6>CoBTI%9ybDn+_r6qV?j0i|W4i>j{}B`VTPh}; zPoSTGUL>vw{_e`~_2OB-nz8XWsX!6CX|eGxQiG|E*%Pc_cvHj>rBmC`uQQgRcS7D4 z(|c*pee5a+@}0fn(2{?)(FDLOpYaMxOHHF^-H^7}M;_nQ`TMj37(sePX}R8(<^kK+ zmJ>&3klJGWc04~j&osQ^I>7OQj+NP32aU_~$w^BUR%>&6wB}ICn{Jym z+WO77rY!#aLTwX;3qfZAz9NC9kZ-xlWo$$QHsWaI2_<}d@2hAHayz}SSrA+{@22ZO zc$K+Ub6H;R;|kGDCd_)2Ku<8Focp&w81s@&8jhCg@VFGWW>Zi!fe`@mzG>Qc&pP?; z__#*g4mUMItIpCrh7ECBiN|01bWnl+0EL?Xi)K&7e687LW@*nJ0a}s<~GvI-Haz)%~wVtyK z^5y{kWHNI6d|adM!(;6AB^4%-!P#8bU#ztJ?BfJp2v^sGK~~a%$#^Otey#=v({x3u zdM5QYphV9<3po;P#pyYb-7PjdSBOtJm}Ac{va+X*L4T4I*gMCc5E%oJmLV%o!DBXN zm76UBGd-jguc5VFyaVW>(UraYp8PPBiEd=ZV0&(Wlu6@wUdDqplnk$N`fc^MPPQ3ERF?5PN+59+5%ZA+dR4BK0ERThqBV+Nzc2o4pyjD_QG90UyzA^l!q z(l4oS6#{)Z8@QT#3Og{iYHqXt_5K37ss3Df6yoi$d#lck`VZW4sH~G5Ng$yv)z=8E$vID?YappNvPXw{fBa4(eLxh*qZj6eY zxn0av9Ur-d4^gbh)Y;u2g{rs1yd1NPDNf~@f5(Qq#QSg}8Sac((-jInD zLwaBvmB><9QeYi5%|*T3yU2;$7JBA-*LC(~tJw8Aq4f0y`Ihi)NhrjgfmjHi)-pS} 
zEj62+gr!ZiUCy{~eL#Qyg(aZuM%GT_412LJYhWiO(7Va$O$%T}SQ}TKAAKb5tR>^v zihEa;n@u#go4wiiHb7VmM@k&jJ!u5#jwa|fz+9Dkh}#&k!OSJ7%J2k*`nM{`*sj!jSs^>3EOeZAuR$}3br-;@8K&F@ zw;fVVujZT!Iq@*oRUw9jIM$~e^^)#ip{#d#XcT75gL9NyUNySHl|=u{TKxq_cx1P> zT(V$oA)AzP@T-y?d8P#xlFmScZ}Z$pdKGdCTZpEhxYD{vmz@>`*)q+Rv%@%u9kv>0 z-I|Xa1x&p;XW?tR-V8Pc@-S+IaUE$4qcH&kaYIv8BO zSheeG7pM_IRA8x9%hd+JCXLPJ8R*S(Ps4k-^q+yQit?$`LM7v%wP@`G2GmMz$38jK zzEW$sG;N8`nDv98`Wwq2Y2maj+yAqn3~1J}Ejtdb%NnU9g~Zk5@Djn%v+;fcS*e4wfbAu?1=iND(G>-=WsXjep(D!`a;wd>iQt;JjsOf7V zs*bBG+W<1;$G)?CzBh8s%yYAIe4dS-MhJX7-#&4_4mf_!d>($?ZZtG3EL?wmJVjFVfAAd?!DwZoN@;$=0JH@DJ4GsAOy_n)mu)_4f zbd5`WWX#RzVcxu0`Sqm_d?S&b$NKCSC_=dc656gD+wm(tl6s!k4>5SQ4LK`(wm8Wt z`NYPDem8>)=sO zS<|?dAZV{+FS11Wt<%`a=M|bGb=%~}Cgk-1+Ap7Aa27lJ{}kWrO4))FP$iatpSP6Q z>+12VN5kC@pqK3c7O3#rP3Sh0!)zLn!aj|aJ&FS5x$FW}Gd{R^9_@RoL)j-gpVuLg zY9cXm8)g1k{=2o^FJswt4S!v?r`h{_D{ijO0SyhGB$y3xCKYR{11TRO!q*(l@LrjV zH;-Qd9M(hVdE}tGvp>KAJA^}fyo9FI8eO{?J#X}9lRohIfzYDb5Mi><8%-;L> z@V+mP^j&ZY8NzU$+Ic6AV2X;)Ik@4|VKSGmH8=tt9;ZF(jh)^H)=ERyvF^L@bRENu z0R<~4XDzaPAJ{eCiPudxMI!b7*O!GKeOmY-Jl(R33gdh|AnKd26V=VSR(aS$kDyVN zNMIj(>dWMN<>Rr(XOP#k1tP8+8R2c@Lzn2N;sTM-T03B1<TsJzm9u08j1`dZ&L4I+u3M$aB&3fc-Cp5&a|BFLlIAz^kopwe8sR5iNYMg&D zK11z-)xVmL!?2KWWod`ofA&O>a52iJqDRtMslYE-7g!!6mFWie&n;#d5exe z%sX87Hvois>oZF- z?GArE=+ZCCOo4p!FVK#o-wwj$Y?zJl#Qzq)Mj>6Wqn>BHJ1aq#-6;0pOc+OweAKgJ z(0h>{;MaoC8pLCmJu5T<|K7*_>2U>KOEGr4HL4*0her{u{V7w{Z20~f@1n7z(@oAW zN@YR;8c9o4!zdjPBdmQ{R7sDw*VdyJZmsjDCyugEXQFYgHK^mkds^=4PgrB2$ITy! 
z=4lW6iYXPcKs&Y+s?2V#G;0{;m$%D-`O7|W3Axq2aJs&nB4mviUeAI^K=@(0(d<9| zbu-u4VjbW2ex_zPEqLt?a_c;vYIH!;(iUW1odkC`eaBBE(>S=OgM{UMAZm*MFmsFI zy-Ai4Q>Qi%zIAm*;TDMMN7M876y49ORM(RWqkWP}dM46-T%+{E2TYro5%e*TL*NU1 z1mA9VTVQ0ijSrXS!SVZOcsoY#kEbz5i@q)#~5MNs%FXfx4FKG2OrSRh-qX>DzET+n_S(_qsv{ zx{N(;?ft!z|0>VXJ(Mx|T1Y;??OZ;iW`DNmBsDjZIR#7$)_R29>$akb;yh8k>LCdT zF<)p<2scaLj2mV@mo*hJei1hEmtApY?%eK7!xE$QAopULRk9eXT`Jqtuxw*fw>8{; z5KLma#l^v89qqc0&51F1)k1GxP^$>>B=K1-rJ>`uEWJtXa{-#Cng~IAvD2tJ$$kpf zF>PVl9oI>a@D4MK_F>5W@Ef$VkY)4bL7+`}{LjrtrbX}fW$YWuy}@uOG9MZ2m66Gc zb=d`fhmSegGe}1`WG-m4L0_BOn_3Cc0|M`rWz9w z03rdMs^~Uib<@j1#A@q?>`n%B-lu^H+RIRCf42&%y!oz%JTfZPMID6awKtOJN@P!f zU`R8)9u}^?lYz#tc%x z00;`Kal;!y4Mi-O8RNb|DK;J1$)6(S>54!6S^p*wm>f{Cz>DL!&Sl;nFpF@$y+a+N zb{}Xs6sB4A#N3-iz#m%*>IZoLYa`ifja2`WzX$e_B&>>!IWEzUHtU^+(s?ptA-;?x zu$m>Knkp-nJ};r>PQvs&ByjVb_aV4~L$EJnJSEqrPLUJH++TE!g6GylibGz!wgI(% zty!PpYhJE_h{I>Z%6J?vde?{jj|YDp5H)!dIMDdV#%eEeLbtvZSDo$%@pi*?y5kXT zxBy~`qiTmL>w4Fp2B%VIzE%c<%ig#*E2<^cWlQpnr@st8VuD;`s$b=+#=DAc%fd?L%J* z+f|^AcVrDncPAFw*(|hE@H3)*#`F3Y@-Z&9Phm!KZa+d+7SK{6>W&u1rmmF~Qp}exKK$01`YY?-0AvL`Zc4Z`jTqUwiw9MH?8Sf^O;h(3pS&AD7Z(S6c~%GE2lEZEe$(7ejItd`pjIL9w> z7_3%;l zMw)BWIb_XIhgcF3-+@9@TQAFG8IH%z2b0!=YvyPIyc7X-KZWIBs5!+E#&~%97zP}+ z-H6sifbxtTZjk7ao`rK)8n!+t!f<~Io{fPvU*aYhTYJ?-m;X-qY$L@0;?=fTZ9lP$ z3IvAC4$DT$?Ru3mp!S6Zt&_AmNV*B9A+D%=f?rpo(I^+0W7)3KxFn=RB+mxEHMFj>L>HeM^$^j(Bu=p$0-|6 z9`fNa_6M1QB5(jcOcWFwEd4lERguBr`G)%KB$0&zjJS}xq0xdksdY6d1P6*sSn~cz zjtvGJakU{6I$EULXq=sXHY&fl(=)@1AMRv!fZ$5JC z2IVzB6NbN^6wAphrV`0snl_T<(-e2MZ~>LtP7W#^ne#0l=tmZ;&?;ngZ+55^cHek& zAEdRet@PWJf{WFiJ%10f(l@!0Lon!H0alm0>_db}++B2{rLg2~HA`uBoj)EpLr6W% z#Q(JAg84a47Z$8QSG)Fpe!9ce5mIhHgAg)Dm3YMHY2)~yc1Dmgn7a631)Ia?^6xS~YBFG;q27Xmv}% z<#(JK*#8>`%{M5D;7$Rx?(dmoNdY9uz07hgLIQO0(Gzy6*6dfZ7CxSJ1r$F0P$naP zZn>|kfx*52T~d*6rg)Y@w@ZE!9m^oxp`^2|MhN?i$t{GOn38q{6MM;LBAWTkx7lhS zwY|IwbJa(+9<7Yx3Sph_(s-YSs|VKwzcbGKxupBZ@ltN=b@HxkAh3^_paQ+-ws`7O z6U)}+*&4IfgyEENSYt29;wcWN?g+*`?%xu(R}^|9rSN^vFprd&6FYt 
zn-0Hr@qKEb6`3(NVdp^wt)c`*tD;GfR}dmj+4P&SC6lq|6BMBEeNk>pef&C=Bks)Y z#y(vuZU4_73Hs5YkceY9-m!HW*rY_0GE*z1;r3#72O*wukRHSd7Oav3AFN|0@3fJo z@)IL49Ql*O3~7jIO-^H14^vxba0R#!EJYVW*0xH*=@SBQJhBe_yuusOi_4Ff{cIhM zRof+SsW_8&wnGquQaz7<)+R4Kndw=hvi0;2q0Xvx{0x49&%;g>&rGy6qR&5xCdO8t)CUY z+rs5l9Vt+V6wy2hyMrh!evt&nyaj%$=f?$4pO_ptp#huiHj)$$6Fsw@zi8(ZQae~c zZKbk~+duoMn);c^K!l6Qj`b|(GgyGk6G>RcC|Wb3-=hD&^G!7uX|hv4vVJ{zW&Gz` zAMB7i3kiUgn12%!ZzLIj_ZiLQ22aBRzk86hj8-{8Lwbj0m@B0g?(kJ}a@sJhcgtKT za>H{y2}X&c{211@#4V;>rR*gv5j8tm{1~6!g{{Y+{g727lP{WaB*i|XY~uJrwrA&~ zkG2Vo%LC?WW4LAW+O<@SY{(WUCu_39O5YP#Bj+ktbDY|C^acP*2L+iabPG{f5GSzB zDE=~>Caq!-E2;^^iwU7i0q??s&G|mUT_J zwWbnX%dU+(y5{6$bgikH{_UOBsCu98Zv2%N@IZ1gDzaDw*IsH$Qm5X%x6!cW-Z3o< zglSQJY_Y6R9EPU`l!)wpl|#H_<>#{aNEPQX#2X%wHNpXop*TThrhe zN%nP)dN?W(iR{R?6ACV5uyv8((x?{PD}W9r8Qo zs88KD(9?!rX8(kw?RrUoMJ-AcM|sSY=XSix${CwKPLk9wEh5}rIGaxc@D*r_J(wOP z9oQI(E}v}Ml|)5Ql|LUcep;36IIJC4`c1jmuvtQdIoBDOOsQM_uFhklYaL#UE16`Q z6@r~pY5Av2AoT1<_yHW)=re*?MK8qT*b=Q5GVg?R z?b#^gmPI5_ymInluDP)1UF*K1TBCfCxvXw^mr0vyyz=ajuf*B8VktIW-?lqo6ZoWP z0kL>dPh16%RIZ*1ApYA~^(J@yo?z>M@BsTV+5&RT4G-nrrn7(M$_e(3ZirjTzF{gg ztkgE7pNh{38Q6k#%4S;QL%2tohhqHeGBY3(LC`gsc4In3O-Yht@!FBQ=3);t{_&i` zrfmdpwi-6a`kcRsQQX5eAj|ZPTiz=<+sq^Hx!uAfFcQB?ICbq0BpW>>=yA)x22!5( z+y=`y+F+a+>R4&(t_aoE!F0(D4asHTfXc@UM%vSBDMaKk_ED^+-v674*M?c*_FCH{x+uyy(vu{zEzq5LqlMMT2aC^PJ3$@k{r^9ejh z)F3GFj|(xer8MwXKM(_i#~kg}6^YRUE6o}L{8n)4epYAV`o|1T85roc2VJ@c1>48b z7$#2X-EMJnc6X%{G&LP?gwg!3c83?hpPpcycxfRM;55sLZNKyyc#z7kSGGIS@oyIrl$XQd&e}z(8xzL@=VhE%Mbki)P*f% zM2FJNdYyHapPAO7@8Bw7HF>Q!XVGnAJgqgCy9$bPYYL~NZ{O(^Siio%XV|yh3Xcze zTC1y}!&0^Oir&=A6qvCNOT2haTw4s)%B8{dE6hNq#o~F>J$voc6bonfb^Bnr)#n`5Kfbcm zWo(i|csFqqaDv*0laBCseFJp+F2H6|E=6EQ+!GYPL1S^;Y313P%S*l|mIIgBhIL%%X|T>Lp;Pt~3gX42{TM z1Pc7!as5MEfG7eW2sl)*2hgLFt8m)?YOqv|7F^$SHeIv+c&S;G*Cpk>pnZ*A)|UMJYwHCbyY~ z35eT0ZQbFv|DvymyUER_|6cjo8c)qT)eSbTP?ofa{4y#S^eJ^+M13U-)JqVff zrs@V1&Tk^30fo!;__lVmibflgvDA&m<)aFV5@BKpTI7{d7P<`T0j+PWwhKC~J+;a0 z`YIUS4ZUXx5*kiI~|?hz`v0S 
zI!e`oMk13eO=kG`RBL5v_+ivq>tAN@3KLsmISweBru@kroX+-|j>~2GeKE(3TKm1` z_Qtp|R*-o+8eI7$mwDL{Y&I78nghwlV#Gr;nd~V%vpOJzIt^o1Yq;}R^PkY)0e^as zO*VLCi7+WHs2J<{#l0#k<9bCyg~s7?B10e1G&FjE5SCToDv^o^i}8vQPC1t z)kQ|tpfemcD`-_J25~&Z{-uYhjR{?ou#wGHqM$v;H6jF=u%QpZF#cm+-8FzxLp6YF zpz+Hsd3(M|?vYn~jG=Lw%*pzDLpLoT9McrhF-Wg#piX}*P+Q;vjE zma2_8U@s|jHi@u1b|)!x`e(Bl*lz~Sq+~ILXsA@s)B{GeghJ3bBWw`u^iz_DHM;+y zOcv+2!TN~$I7&6uLopR2;_Ik%H=|ENv@_>oF(e5+-eqNB_TR<^$B~S1;|JDX;;1)~ zR@UcbNP;%YKO=TQxAk1WC@UGf~aa^W7l$9eE?CuXmU zvO=34fnsu90&KZ@<$BAwaMjJJ%Hs6Hd_rl0%9FJTz8I*90~1gQc1puL;n&yZ!G7%JG4(O;5wggT-2b00Mwa}3VhbTwMW6>P#015A{0g<7#iswT?bC{(f|BiIlHnli(# zm}bxu!VQ?Adrl&^Ad-=+@vPcqHgYQ|STX#`jIlDISpTjub1KUeEnOYV9)X`4jk5%2 zFk_p9D_Y`}%He8d`+0a>u=r$7tTFK(WpuyI(#KFId%ii{o8SeICiiZU?T>S$WPr_x z8;;9pHAmW{h2tb6qxrL#O%F(65Qb&wHb>}6xe4`%ZVD_0a$?Ou(0-cODA7TaZVxzo znysJm79UTKxBK@!h-#gssin~X$WOv&x!H^qR$9x3GRS_4RAbOU^Kqj_Pzyj!I-JTo z9LYNz__bcIi*?$1h8p@}<+ikTrr`xQ8o#4`y*dj=YS8uR`Ud;hMw&uQn&oZ0DB}$$@O@q7Gs2_U3N#48ie(Ct<{j6)Pk$qWp;5Es0&f!WYbEEmq45Z z9VHUhdCC0;OUfuB#g)2ro}}WaQdy*SZ)33g`FBE4vsUtt%}Q+SWAhtjRI8m67&wVsZdaxQxtXH?bjH^V5u5h1=|(6G1H z+&+HtyTj}BtT!yw@`hJgr3J5Q00yCo>{u$r%nnhut&D}R>sAbb{VFxLN>J^}L^SBC z{}j=%ZbOewBVNkaUmL3k89%*{3{j$X%!U<>_0%bcmcpnv%1TNzW+$QHZYWuq+bm-9 z*@V0vjvpjm)G3?E19j005VVZN##k%k6u7PAM&-?KH#o!bhG z)>yQJjB|cjEp|HpRE=b6+~gBi()DSaQ>+cT^s0;^ONp6>bMw%#9{Q(e=JyI7noDIT ze`EQ`akQ#C>R%%kRrXLe=F!1~)IaH%mqVzq;E?KDf6M1p^c+uL*YpEtDzj-Nn)3#J zP9LB$S^2_mUnhuqd_p+74-d5Q9OruxXudtD@I~qKvu|=ezG3lo2YcM+J|>My&M{lc zYXof-tkKj>0-*zF%;num2#>ESS5;&kcLra_eA3_c*W`W=A8xf5XPBJfp09kt4G5-o zW!Cow{sg<48D9YPB38PVv1{7s?qEN)LxhL4NiCH*60*CFFmTt3?^1;!<-4IcHMHnU zYv$m(q}fC?kWvkQ``LVj)a7zyyuWLR`#ixWBC_gUH!1Bd_z0_qDbi5^EdI5~ogu=5 z>|*5oRBit|_=de-6;vvU*Z$SXuN88Ke>%J$o_!s-;d`f<@ro#xn6f^-dcqMzf2`cE zz|R?ooSOr51yy|fyUTLTaWOSGBbrcHLDXu)!u)pMzR&Y#MWDvbm5ArME`y0a2<%7Abo?#=I*cDiAcZIPA8IGdhf!rOK*%L1`gGH${jIHnZg( zZ|ENYNcbmXQD8YEXG2}qCJ4~?-X8N?YsF~CVB0@0veMfxn{^(F<|#%3T$M!yp_8vG 
zI^^j^XQF8@E!BdUW_78k^H#u9F?zgOo_ScNo}$i)mFhrN%sC1mP08Cku@Z7%Dz`vzE0&!B*xB#upN$KfW|<+!=Yc=X*|bt%c<%(OBpFEa#I zCMb*?F<_FYs0405RCE1G{+THWFja5Fu6e78)@j7(pG;vWjLJz8_NeL0jRv3MtkG!T zYIG#VB3^70s8$V4U%|`=$5b5eN061%;@s6F$u}ETIMmdJ5leyaG!wU>x)GtjSrR^u zZ;(kJyKmC-Pmy2?<_+sIpTbQm@OQ%WSR}1%6Ub1WQp1*L%0;7_%T9 zM+0(`xhyO-cA|XfKX92OU@CsT5KT&ySvEB-Fx4D63Q9NpYo$p~_R-BYQaFetTPy!t ziKzt*i}v`06BBmQ8?lD+sjdZhQf=IF;Bf-2e zjX$Xo(TiE8b>_F^EH<{?u{_qN2}7BLorIB^L=i4e>2o9}!O)Nv%Gf(06CWPgs?-)$=`Mpjam zBnQ4PLp_M8tQWp3^>L3q*iK9yc=MJk&E-%&>nUGLh{$teWpLNA##nWm|F=P-DNX|*~ z2H3eMwWy|4NhBwimz&MA+{UW;P-!@f%Usyy!%5cnro70@Nz~upB|q6MKT?07CQLs{ zdi%NXAFnehfn0Z?Wyvxhvn9(r7p~iZL4^asIhK5l8P z@wv8BPq@mmBS`+`5p)V>c4`GzR}?!4y^`7QvY#$J$&|*O)1^JW13Y&q{@Iy9FLpxI z)uEuD#L5XpFy5Ij2_pXs4)9XRnDGkh4{E%Ues-i;n$NesLDl2H%@KLbZ|By13R;S* zGs%>)^L?D=*v_Q?wFQ+aFwY^y6V33)hE{In=`lkmYD?1$I?L>@q?8!7==XQ~4E^^v zmJht#3R}d1?14BG?T%eEX|flJ;5~&b;T&y;leG_E6xfL#=+zLy4yA*U$dDbGZi`bj zfhK5{OwsGpRA$z3pZX4YJM>Sa=t+nBERFox>AQOY?8fQ15KvCZzk+t5G>vTUYnhz3 z?GwZ?)@~}To1=AM8W6&7=nND38;Edf7t?GUbV_9^>o$vkM`d7!P4(K6ixr1N2WNw0 zw;*@7?or&_!tz`e2oh)V7zXAMq44Wy4JTAVdgd{oeBwk)%6%>>+Y$HmG>S6%;raVq?$|iABECbKF zClC;&$>?}#%%^6>{6O*8{SK0>2TY%ap;LZX%u(Kf`W zCVdI&M3nkkI$o5S9P_wzd=sI)`GJ6T+11J7$07(V-fJP^R-7!I$oy2fLZiDA4Sa6V z$QG|}-D56!!P!y#1`C0krf26{KZt$VemL?Qv8}a!uNmD{%({h$yex@2?pDNjwV+{0vT78SJ0d%iui>aLw(9MCiH?$>qEN| z6b1o-3|>)#T9}H8St8VHPk|)X#0l|p0QtS#=lImjm$$qQUsdfdTw9Q3uA2x=OR+q? z9`OSuP%t=_NYo7D7y;Fi#`IQ#DGC)zAzg8~v@26rd>V=}mbI-hm_5qz2KK$}|0i%L z3OOo9mCkzS-DJAE4%+Wm#a832##l(K`QDYTwpRS61g&%7pCr1q!*5XHm_K@+?Wi>? 
z3j|Q!#mXlNRx5uE&W7*Sde-d{)yVPj57qq{72tQ&K_@M$STR-8kIgo}x()NCn9J<( zHaC)BiwY{%%fFD&vTh$K1vp{NtmKQHVcHJ8Y_iqDwN3~1Cd1XfNYSZbKqHOfj~za% zMV!A+1UhUpFZ1IOg7_E@wVOi0Yy%Sy4J@;<`&NP&Ci=ri=Q*jjvh47vn}1vm2l z0)S|mjW~!sx3b2^BAU1RCbWgJfS{?guNiXm}>G%C(Rd>F<8L#V; z!F+DYS&6L?u0CsEqKX&DtZzN6rYy{oCom#)TQ%)=sy!Drb+I!78yYEMTzSksxNjA; zw_8I0AZlXL&6hv>jA3QsMRYEHY^sVEJZeMEKoh%kn3%?q zQR*DgqKFZf=1xTDa>Y`2m`>fER5TTqYP+u&ci|lA!m&V z=uNrH4t(I%Fe>d(U|hoFca^O0NLnu-Y85aW&rwt->Xnsf&f(Oom39I8RzdTMgxVR~1i+}^c`%`kYZ16LqL<(o@Tyf* z@3^|iRHC|BKoJ4I>>F+M>R6v*A+^}_sw&FnMhi0no9@@o0Yks3WLncSCRe-&8`&Xf zR%`ETv?et?8NN1-uq2}2p$m~4&Bi<~(|rlpz)rl`K}u?zA>J=UfvivhshDq5`|R6wdM2APo~_b znp4omb5>>iGZ#<&aLciy1@iltp?unDCnGoIIrF&~>SqJe>UL_CGGo zg)1_rbl2b|HGACXuCvn)xFIU|ETR_5f97qDSlj?^U9djO_0m*Oy}zmwGGXt$jSS1I zW!L7Vop^s$KLS^0ceKz@maGcR7ohEq-~$WvG7!wuae?-3L!+{BYB6r2J!lNp>{W*A z;$GMWpHJ@%){r__R?!u|i`y8AoztFrX%=*7+q;9eN1SIN?m=PgC_a-0%3~s1^?8r! zrctHUOb%c1A(L5ZmRXr9O;82pL2NQ}aG1=TAt$3>FhP-Y_n6*M&FAGKi{F(^{VuOA zySUHLq0yma)sxFiY1bl~?nWw^DDNeDAc!V<`?|E(^Ld0@KGGquBIsIajF+S=;g0fb zsv2=gFe1Z{ro`A1h6t2J0RfShA^|4$KT{E415|jA&?(=FNxw&6>|SUTU@B`5-L4HQ z7vDxvzbYggnV9y~a@My&5sIvSx+FDiqNXl28CwKZ3gE3P`0-Z~#n0izPo%Dd#C`d7 zod%(m3w4GCWd1xca-yMVr7R?&#q9h#q-V-PA3er@)(Vp_LV}Ql876=(hh9`n#oMiy z{M*RJcUqZ%-IU>dC*k0NRuzzW*JwKGQ3sbtk}DIjR79s&5})h~8uuq4MuJXH1LC&u z>sV(S3~~}imsd#(1wW7ejJ}A3zOR#MhU+61f_B`~DAJ#py-X0EJ3&;`zmjyxOERhG zFi%h2?#cHdNDa;P_nrVDbu(&&mTx8y15oz?B_;P6Dt7&sX7z!Lca0~#X4;qf_TZ@p zK9w#HvAxK|;KYbM_DtkX$JpEHYmz$6cx;kLg5E)c6+;ceI;M^Jjz?;k6R+|IFmd$Y zU=b2(^r}C8&)duONP(Qs-)1>a$XIT2c@aYR3K>o5AX^IK}liQo6JR>ntL`T&N_f{XN``{HQ z2-ZujCdk~6LwE!(+~)l~eF7q`PC&CNXH+*Zmw;gBNA+Ku2%YtnK;a^9%LzfD=SA5KkX?>R~Y32_+d&EeSdWi-hT7%5SGm1(p}5V6;5 zc$iN`9M0dc;2e-Uq+&SXb+Yq7o(DMphG~^DLGHH z`iZbTY|Z8{o_c4YO_t;Tcvjss`pBU@J-VbWH}w7A8i3gUQ;XP5_RSXPqEX6MR04bh>*xe zxNYcMo$bC+?7Py5&&@kHSPdo;0}8REBGJQU>P_1~6)eb6iJoly`4rC7&L{{O>pK<1 z+S(cRLYwUtTitQZ(`OhK{0pn5ic{<$_;{rPG*>uQL96d;t&Hd*lt`>oe6`IbL$Mk{ 
z`*pZREpB~#A~%7(J16$WgB2ee|18ojh3g&dJF^FFEVf9|4mdm%_40LvJ&67~sw7yKq@vh)_shRI>6+G6OzLESYg%pYo8#JcHT& zY0xgHGuBKs1^6JQfBaU|XSN({vISqf-0l;p*2)f_YJn!pQFY`wu z`}sCcXW#!g{2sF{)>#u6#+#-v=XDI0ac&qTYCucBoqZJB34VDM%=?>sbb>IHS$1e! z7tZ42NlB2sR8T9X%6Oy(xB==wP+0`8%CJdrVNy&hdl_MuR?|~u>4NqWefby=ufxCE zyK9+(K$Vd-(?X>P!#Qi)itTII#R!JgUoy=io#5*!gKgi0G7KH4mTmx>9@!!6N4r+= zP@UXiG*3d~MVOOIgUEn2!KhB3XK0c8)PL>IB zxA!kCEh&dQd^}9iM<#?M<(T?3d>bS%D7}4N*~omazF(>%eYaPmWky)p_5Q)PKt=#! zJHPDH_kAn_7PahyE*E3ZsX^LzVD5XnYGU*pAT2p@4AwRvX0ml~prjH4CV*Kkxm$OO z%M3yXk}wnk%AcW5=Bib$p(J!e;hZmy@ z8-lR>rNLz*(u9FtwPXBSY58B9D1G;oC1&wZg7daYdYlC2G#43p959bKO<)NNh&ev$ zFlJ_x@T44>s|Op5J6gnWW)4R;O|i>?h-o#A z&ThBqc|fl%?c6Gefs!!<{q?VP*_GpSttXNE-(tIUpB z8AcH~m<3a1=Zv{%f82PSUJ*eZ4*17@p{u!on%|y!0}y=w2BaC0Afl?0#anl~YrYb- z>QaeBtVi9T5Gn{XES$_Llq}WQS8jz|7HVd@W4#|FDnjGVa%Esx^1!YwW!lYU(nKk$ z%Ak++7lb|Vswc{%8&81YkX3|7UnUr-aHqXBGiUv-SIE>8mjs+l;Wts@q2a8@c9YJi zwe)$6`k$ClYFVX2^vApXm0Dz*EuS^tA*DoSx$Oed7$`I<9WNOZ89kh`nCxh|6p9O& z$a0#nRolEB3*XifU zU?UUz≷3pb>PFQ4^FiYl-%T22-5c4A=qOEdvQ`r?zraTLExpG9bi;w^U@$Iy`-y z1RY0hGE`1)suYsj0kzLw-^tUccco7PrXE|3CySd-vP})?Ya?sOE1DXkUOj?bWc7pp z9L4TE*C#O*I_auDl=QNrsfgBP@C8dC1tXCNxx>%xFn?{g>wFX^2Kx#xCU$x0T2XQ6-VnRyg!hr%}mqMyl0mu?;zQ49IPGif4W|1bH)j)8g=FB;eWuPaAPXU77TjQ1W;DX3hfsLO!vmP{< zuYc)yIk0%q*-oUDS%npp$N|j`lgx0J?0k#p}Gfqh59C7FyVfiKrr`fW0MBXo=NLdm~0$N() zz$@`8W z^E1Sd)J!OhWXoD>i((b@3e{N3N%y>exzLauqz%6JqznQ3+BrpaZ7NZ}RL2SNG7-2F zhD~zEl@v<$U=j9!H6&vzr4og^IcL*cVdfa*>DPqDR~m?m_3al}<)1LqZRsdjm8B;p z|7h?Q%pQx;rA_bXTuWMRnHumt6I|i0X(?$y-RorD(NWt^(56!D7&Gb2Ouo~q6Ipgx zM7DpB88)DV%;WbTZQPQu``NKm^`tfb$)L$k z{BeGJ-TmR>`gq*mM=USq|2}*T_s1W?@8kY>T&R2D_w#pg@pv2B)%!XAcsS;NTd3nt zc|L&nxm+E>Uz_qLLE-%O)Sra4uJr!C@fS4bV4**RhAXtl6_9O{{x8DgjEtp4e1l3v z#fIX&nrjT6_ORSveGlJ7%0(glrY}L{WegkTn~|{S+BBghPNGi6zqH}|`|f}k+#tS! 
zUygNdl1ADMIO{M$16cMv{Y7qoN&o@78yPS@G*`o{cgHMU1IkG_vy5l5dU@A}W21<@ z1}tWLV_pKrIvb2x%oeHQgR?0e35)Z$YLm>0{lHfr4{SE7y<4|41MoLUN zZDi6StfBo|Guf0%Q5V%ZYWVdPhYpb6}NOxQD+y%oYCv{~kdrv(Mi(<{C)FnHWU_ z!!CXCsI=m+$-pc4#wnpF+uL!!D07N9!^v(q68*4i1_IcjTr7eW+1ljaY%5cfi8p1P z4!z7kRvy_@ZVZ=Z!MjRR3tr;cPq8ARY($4$UeB6{S|}e*)cal%_PVM4BED@@H6zgW zK#}2L15Jl935d~Ayg8|sC$ou4r25(vT?z_rnFyZH9H5fWHAJYxA2P!@P^+8lOFz;M z#RK^DO+R55iq|wNm`(~arx_c?sADJqO1a3AiE(h&B18)nJN{wq%yn=e8Ae4KXB8Jg~ zp)b%GcYQgzhgr0#VAa1sov~f-6Q{ZBKd&sbkI1x7ja{ENo-`u;*UM^f|3DzZ z3I^NauZ;p;DF@*Ck&xpKbt4EH3U|^pMZk~a`}U*p;Fyig54FT%QiD+e3Nu`-dk0?q zULkB=A*Y0Ld~)gECI5@KOZFd@5Ba+3fqcJ36!8m46szD2_Rj!2_5AB{=|p{6O*S@D z55GZFMnh9l;(4ufkfIuoIBoC^n)Nw0n?V(KRvm_7bn4>7NjCUaH1woVtwsj2a09Yt zRZVKbfLkDXxJ4d%Xzwv}fr7oY!DWRQCU=;q?-D&|jC-A|XQ)k7gpcI(m2rsc_RtX?3|NQIyz!F?m7GRt09&T z>9LWNO0H#Ldy0+8O5xhUtx*L8tp%mbTj%#;j*-MFQ@k5q6>qwkbSmMW; z8?cEJcng7%$q?AW%zh3RsWisY3LQg7b-i^13%FAFHr2WQpfn8v877)|9dicd6q%BC z!_q0q`Nci15-=1TgaBq^VRb??;RGAGDQs(}c1)IV)(3WXkcdpiE1UUBK)omU64L@q zq_gW+kBdRsnI6KeDsxEp89I+iK(NsORn}4z0?dS;tnLI2>IDesNoaowsdZ;^fQHjJ z`8@>O3HB(IK*}FRPhu3^YOF~3KTK#!!VXNYtR`tR&}uvcP~G(Q`b}ZHwtwOgUgK1&A|}N=%TbGFOyfpi zL&znhQmNR~qQ3?K$rT}q(pn#*T>QiA;h}qa(L6JWZE8(5o*fgN{ndEjZnQoG6T9_5 zR4ZQC+Dzqbo7ovS*RDrW(*nt2cO46wQS>B)Df4=ux;B)Ne_j@OE~wV=n<3s0cUY@; zz--zR3PL(nUW{~_3e1n(X~D-RhHgaSGdaRvBKX-*jRcD~;>$h$Ol&|3GGFqQX2le; z&=;+Iwvf>cq}e%>J_n^0QDh8HUU_`TYeUe!p-{90@zoide>;k&Ha1CooR~f{|3MO4 zgdho6p9&-1urKq3%XTw_Hz{z`t94+|_lSmo=aW=1@6`SnS6-AX1n+En)A8PPqPLX^ z6+frV{v{pjUnR>QX+`X<{iOKT8WFDxW{qN4yzVWKNETlM9rApwV%Y$@B39)Cl{1@1 z65<30e-ePC1qCMU?G=lYtFPBT^`gTO{8PWkx6W--2fcJv5GWNC_|nJ7!G>7(g7=Ms zcEy0lt{$q(^i^t-G{3~S3|VqKDRQdnO!v5uG-(yemSw#9VKV5~YjPkR94u(W8uD4i zy361KP&NCkqN4ydqwmO{q2X7dS59KSUb!gMcOKHx;hWbhgR};+fkf>8^%qgh`Sfd) zOw9EPgHv{++X=HrvPo+tEqZu)59h6(TGOcAm+;|Z_OtGJlh4Cr5z(UhFQ>PR;Ydc{e zOhSm=Stnvlaulx5;HGwfn1E_I(yX|}Xl2(Kq(VYkYBy(^>D69l`jsPQ?=H5UcgA@g zx#*AR+}D{QEk*!RHRhwt4SYiub?~@Nu{@PV0|l!|Baul1_*MdmaXqbManFp`-pdg5x0v& 
zPF9ML+@n<72Q_;X{z_-pR_=>kcwBQBoLN09$(v$O6WmaMbQt%n-fAeG`3wK%Hu@Jz zoi`^Xb9p+MMJB5@V@NmRl=+9^yv471#~TVXu}wx0En(&bdd2jv4x2i&1f7Eq-i16L zrE_5!ptj~k@M#(#XU1I$%Gttx9R`wt`V3Q_&Fn$! z?ZwVF$&Tw6cg`>`UaPBmt{Z@j&MSAv3pAO%h$#@JKvS7%8bXRq&JxYz6jwJ^S`C|k z>Jrt%y6-QhB=Ondw`rW|&S;a)fRL%}!i7|UgzW+A-WRAT5!lmhf)!6hWJe-yGPPOs z@msDPWFYAh;5WB9`f;e0$+>IWryLoV00siKnmpe3rgobS#FoR9O0vcUIRD?ox0^td zaMkq9XCtYdMwu<9NZ7sOE>c=_%;VJ*%t}1ME|p*9NXr%0W8`p8LR?{XW!{Dm{Q-WK zS!4_@lWeF3RKjPm(@XM0SV}TgS}lTVOi&i>;+SpO zf5YcF3R@!QYR9Yxk(Gd}SX-<@t_yv2t=+KLMNNW-uDkyIckz zPH5Yc8&@mPDxyKKSxA$B$U0Z&yA4_ZysluZPe=u`lY<3YJR>&}v+)$Xhqfi?I>NJt zUaW@zsMQ+pA&1pk#Kz%lEG8RZ(HPk6gJ1@NJ#E~@|LOgESQ84PwMpnPE}gHFp55Ca ztR-;y;w?PQZ8T67wH|}r#!RrxC_ilROh1I$j~P$Nbd_7RdbOU^Z{a-#3hjHTPD()S z&@k-8Ro^E5f@SD451%hV_E+&PSumbhPUe?`qV>QACcF=IZhg>albMs~a7|T4o<&lC z*O->$FpoIudSVeQ!peuBtpB?mCAJWeool-;`Jz~TXrY9jq8*m+B?K8p^A&C-A=U?% z|09uZ%kD9phuuj}6)Gs2Cl;SLs79bPqeGsq(~#OZ2B=Yziwv))G)B{s7Apf}Ld;=r zTitbBi6kq+S5@5(;Ve8FjdT^+slG<|kPLKx%$XtT?Y@uLR?am8oZW_Y05ZD`df?Y? 
zH`0efiq&j->nQh?bJMSJ_vSrewZvUvmKeR1v7^|ECw_XuO^3bC)}yktUS zHnIl40#q>R(IsKGyAu%JHV8K6OOb>|)U_Hkg%s@mYB6wvLM_l#iWxb>rzm>ZcGR{p zj@p>3M5#*J@Y`a}gqwtch@PR7jP&LgUt&0SR(2Q$D_&~Mm!5F_s8eIs2Y&Ac1XHD3 z$;?I`99J9g!C!(r@TJSBwMpQId}}^xYcWjwmX}h)QI+9*m~*xDOYLcqI+*Q^vD-Yq zdF0ZQD*OC%Ww#S3(&iaIcR>1i!Sa(HZYL+Ja@PgNE8E~Z>abjO0Y6;w)>CllL41X+ zQ$DLG%V3dH$IJaUA1a`+;h;&DxH($}^C)W$*%pKYJ|ByMT(2rNK?iEnj;OhZXx@Q0+cWF*xuSCx38cnAf|!%JvTQVmX3S2#aqf_OgV@J%P!wFG3VUr)ARA_Oc0V{T`a5<|a0f!7^rHKkY``wf*Rp1{Aj;}LMw%SG=cJKR z^TZf7uRXVBs-e%EVBH8to`8W@A)sZ#-lds2>v27eEfR`~Gl8WQrN5W|ZiQ6Sj7N+p7v9$U?Dz$Lyq(y&X2-88L7J*>eKf1;Il2 zIB_H-9X`mA8JKZ1bw?e*Q>YPIuK{FD@P|{;M-da9HnT#t0fw&pl@r==U#s4|9eFXN z+Pj<9hLADR+-b|8SYOU)1cKidpnwz>RIh$4;L!cI!WI34%W_azu!_F>WVio@u%>DGuSa6z&MWfvErj^NL@=FZ0_BO{;B5F5@3RQMmrb z8X;Ak43q_7X5*G_Dg527^)8rn4QP2#-F$vpwLXEY9KATNiVNCY%XTo9l@Atp`+M+# z@9y{&UTeb#F0s)Z#c{IE8XeYQnL;zCv|vAT)?kpqYh6+aZry~>(C!3$LuTJ0t4h*H zH}x$ktu$jHie6=O(%$L^=q~OE?-QSv*T~~1XBlLI>!iZ|nyBzJjh*7^`&Qq(P82r)vE6xDa;2vyjaSfO{ zqsua_X3Xr}yCAC>TpqQ)u6a&BrH|~$_Ha6HMID6;{W1{^j_fsVDb^hQbt*EuGDD|Y z)ymFWn~!N@8(Q`z>CjUnB6|ZD(#lz`^LWhs(5TX4BHNSQGB*rxIH(Nm7GZIHp3ajG z3W3aGSe;1`+<5Kz6@)L{m|nXnVq6{*-jGgLS-sbu+RL#`ordnkKB=pII9jgJ#x zs6IZyhsI~Zox(yJ`icJ5QpF=A=j7&H~npL$F;eyHJ`#A=Aqk$u&#v-CLdMX*@}Y!3(}IOQQu1++AMm(A_BVb$03 z68bR>ptrQhja0SStmBY0lu7OnS-w;5kE``fC6D z(~YeEjB4>7t}t48y&-=&Us3}XC0zbd9V5$i!Aza`M?d*V+8_R4ctPgM&-kKADhfMN z=H!M!MIP_Tpg-Tg8Nel$KpuitMWAm%O%W&(XJ?JRp+{}N+RKcyvz?MvH{4g|S1b*3 z+Wuj7^C2A7?zdBw{~XP75@+_ao`-R76=k21%rmlg-Z0+VRPSm7bw3PH%OFxKgU{5U zso$C03iK)!k$| zNNJ1^7c0qa7t8JT_540~p1LR64Ha!*(udItV-{bP64_M0+Gt?!)>4Hqq^M@@aI79y zLNfyB>Us1F_(X-Gh`E%Ad%POUvf?`xRi3yBWaV+%_GXcf34EX6_L-MD__7#%$3hRq zf}`L4=}t)z4^1CY6fHpmw} zq|%ahAA)9t!umPs&GF-l$loZ(9?2lTri1;yD(>Peum zW5o=VxIQ&6r#&4-dd*M%f>>Qk<*6Ro(diH>oN4=r8CDsIGC#gVmK8k9qs7y5=}hs{ z;D+xU=0080ax}NJa@WjjCmyC438c*_7pX-DrL)Us=2bE<1jL--Uwx#;gf)4tmJZ2L z8<^kd!#6So3u@jr^=Yvg2JwCleIAa@cSVeT9aAau#O@Ck)7oh#MOXcs zf7$kpr`<0>11}GNI_2w^$Y%)I--xTvoVa-EsXt=s08blq1~uN7r3VMLIK;9CIq=R8 
zgl^1xe6K!A3t97ep~n+7l!jKVrRf=(0rv2+Ufs^}OYe|+x_0m0)9|T{Jj+)w{Hhsb zml_BBs_TC)ctZ|uDJ%`df2!VUJtnB-s0kt8;kE2JQKf3A8v1b|%>IS+wfcgNc1NF+ z4L}V2o)us?!7SxV9WIF6yq_B@F>x=G-RhP9Udli(%oDvYH=h9S%r^3AEvsxmH!Y&k z#Gr=FW+VNPG57w=Kh7#e>-ylg(%QT0=|E)G_kLT_UiF$`Yt9T~pVd>Ul4!=Hm7SxK zlrBB3xu)l2kedZ{(lDJW@W0)0Hi+tcT0yrtWtAJFP6tJ`TIA&hHdHOwZk~R$^ZR_! zAGAM0S4YZ1t!hU=bT);_4?1zHM9lShC!TSBhcmrfwoqcK=tEYwh8(1*!TejVMJvmi ze|efNAezYU;|PxIKqb`*Nr2X?-bErYPqINF4jUF)6A zG5)-()!tvUyhg@#Bh~t*GpYOiA67Q zote{5VpFGJ=!o4({5%h}T3y$<>tcFsa)+DgXESw@t_zO3#G!Lq^>&(CGj|^=P-gmk}WJ*(WtZH| zj-s;2%A}YAs9biVysj7j$z8m-T`K9jRMR~HMOl9ua+{{t!-8KjE23-~ml&iX&ZfQ| zAocRQH@b|aG;t+ALQ05xp|(b5Ica+)S^Qoa4{v#`HMp%&O}X3*HjG`v)q=DesK+0E z-v+eqg||GnrY9k*K#;Qq_pHOD8lFBv(!B%ojP)A8VS63?iW45NIKD0oKOt&m)pkaq ze6s(_w_ry8%kt~C!A(r@OcS|OKX(X-`YC+V*f0`Y*Qn4rDZ1++Zjwg`a zWfX9hesBo9U#%Xo9mm*FD5l@(=7$AqJRp=pRP@Xxih5p+hb3nKB<^l~D{T#6UA>3= zsm)Mcpu1+YV~|1WGbV|0Hpoc%22ZREKGHJOL4qNw!BndH9h26n`c`P>N{InR*r{)B zBD4Z%4Ij5L(+(O~25SgB8iysyCLEYp{r5{Rj#@GRGWj(s468V603iBC{^woauw{B* zn}!@O>s1PCVpL}-g#FhoB*k}bY=h8+=wecgVeeM4G2#bEfrmqAfjw;H9t%iq7l9q< zejXqn2VK0LvsJ$Wr6G)>8ba2F5slf|R72FPw{m+5Di*u8b_&=C8s?|Jj;1PxDpLXz zd01>(%;=;+imE}xIAO!El`8RSNK7qrCz@h)Y*~*M`BPgb>k)r4AohE;^fi|75PB^f z$*eR(GN8OQE*evUX2kTvJ2U^tyDI4Zszl(jQQpnIJO+~jM z22dJCP7r{+xDj#`N#gj$dAWu2`h3`!0Eyn@a2#nNRdVH#f}14@s7@#AYCRE&=`xLxE!Ye!-I!Pw++{0b z)QQAahk%JBOw9;iIfV8^S*IU-Ne^Guo1)j@r%|A9^zZY{L7*ob41zjQ7J_iV>cFcN z>JjbPSf^z{l@7DKc!bJLL9)Q}3xQv4n{C7a(uLa$!;U|<{m#9z$OOLNG#wMP26`u( z_XX@WG9FOm5QqWZ$8jB9ro9WV=$|D2w27a`mi5wtks2FLrD^kqss(MVW*1@)x|buf zFzNwR?AZ^BJs%HNQm3D-IxP5+NKLU51;}_(J0!J%a`=XeZd+(X(-6_dHP&4R7Cntf zR4Z`xYG7V`L_%1^ZL6x1=6PpmPBXDifQRRnqRMUp$E`L$zqICMP8aLxPVWALMMS~$ zA2Sb6116=dJ2>2I0zQ7Z+vv17S#~omFYI|r`dl!B7QZq&+Yk3Z)}9S2%lx99-S+;K zwy!GK5_cZvRA0nXu|~e$5mwma)->*-VN~sEI!_Zy!#JjPjqTMAqxs(j){M6Uzumly zlQ;qqcGGab4tx<-+wdD8Rj>p!EyE=LglvWc|I{E_Wer8R5$tQD@4JVFG0)4m)NG21 zd24>(d|zWpCK*2$$-CVT+dPhW5^5bpkcR^+9x-e>ZYZ5`thF;M?pr`3Gx9fPmtEWM zHHn%Mb~d2hB5<3MEn>JXU9RzsgjT 
zuPWX`1YZnV6FEqnYW{yq&+S}x(~KYg$Il0_{?=MsA9J0y=|mcg%CCw}t*{5TLJaVX z*I;@7y{6^rU`tdN6BX#{s;Dy6#nxo?pn|Vz!jiOe$Lo4rG)VgJam7Gj-R}N>h3RlM z7MD8xQ&uELP~}h9l_pNVVf5VE-8WZb&+G}B!*G$HextB-`OD+DcOB|CJ4xyP^-Esb zb#R{wKM=we_$}-Vxsf5e(qi}6_|90a+TL1Vc@b`=`AuuIf@DUVc)_P|O^l$@#dHkO zvmW%;L})7;p)~Z?BvMqVXtj4Br}y!fqUEh6UTIUj^166AY<}y1&lg3jfA=ZY_@%A! zN?qX;tUS%G!+%KKW(_FV0-XkqPAQGglF;#PFfigTJ z>XE3*$|Us<)7)&~2F~9%^Cl|cAvKd`(iYM$P50vEOg>jXEvs2-%SdnymxJ|Ti=^yt z28aXYYh9%2^=ow+WRpHPLn{!mVx}PO8jX>pb%}5$uZuya-C7+H49bAqgYRE#jHiDx zorTh+DJ|H{C#^lZ7xkU7Gmz5*be5U*4hn%NtZ5rGkSVFONb3q_=sv0@{gnJk{yF&C zr0M{Nq%q9gj|O_<5N_i0`H}q!pB~GGkmD z!}9NV$H!oUmbM*i5e%#lHQaPXr<6<-=lJCO6?C_a+yt620?7=ZjE};K^_?&u>i)1$U(*K~jJ8BlcVF;tgw>#JV{JnboUrfXTZ|3eg}-aG~2yjw-;$CTl6I442~0&rJw)1sucIKob!%!+mwOJ8MIUJLhr;NVs!1!c(M+T- z!h6lxUZt|oc-D1YpBvymhBGJuIz)7ackW= zXL@L>6tUn}rwe|#o5cAwxC$SEzHQ<-XnCy$QSUJ5Lu1YDV=2N`dD7;vY>BLLT!yhZ zGY9>AgQ>t1H#>;jo#fCr{PGz#(LaqGD&Uy3_>e<$8fUC83G%w_=ceU-Q6cmZhy(on z?77*Wv$di#h=`1TcIAa3vPXC=@`JYfX*>ArJHid8vE1zqlJAO9E7<9^^}LSOfni8d zc-n!`CM}W6G@Si=k-8s$EFSH~(CH; z5pcmn`KCst)W(xg5rbxRh)ukN@xkgt&&Alr1N}YDP)rvmq^E62P$KSy6Y7}-d!3BX zc8RF*vs%DYgvv#9!MNFdyJoUcC1$KTUJvbeTXIx4cJaE2xUf|2%ZmUtu_Pr<+sD4^ zRK~)T76-=w!d*DL#7pJEv4TVPJNWhsi*jxRc&A5lOL2zQR1qfqyo6!_T3|$&5n)JT zs1NdVsNRuMK&)M|`Zg1j`l@wvsA|>)oEYL4i|@2|c=&5;#&E-%8yUS9-aq#;gYdk4fvdER z6X}LHHyAI7x5-6n%fjRk)&-6GaNppc-?TQR*5$|8uVEZpYue(YsyJ&}6itr)%!D)Z{rkgWh@bgk*$UBpO zF*2&U|J;ZlI46JB)%RW$lZ-Yrhy|(mhM3xsn3@(6{>InW-%z1>@~v8HY&$zNKLHSr z>qR@uZaV?3d7=!var=r5TZZZlTb(4@N9hYUJ7yx0!^I8Z+aj55HwX<|mQWw-w@nDf z1I!}=#5W{__?m+`#I$?*^dlS?TQ-?;08uTi z(D2};GIEvPTRC==C*^pWT6)1{p#nV+QfJg#DJ&fgcIx- ztPQjBNM_qote(+y5X)rLDra>$tbg|r1Wps<`?LxCh z0Y67Cj7)~qz2<4OeiwsD-dD>qR@P0=?%MhO&}}N9*Ng<-(LU&J+6;>FAJ*6OWT#+} z;DL&X8Xdf|B%tMj2($}aGu@4T_|7%%Dtl`PF!7xzHatD_YXZlG@ftPra=0<~HaIoE zK0s6~QFYXKLT+2Mw<#N(FmO=js_p2$;BI>Vw$oPvv4$N|rxDVO9P<=l5MbEoZ=4K0 z6VJ2+|CC56=)VE6#fY#D=?qzDQYz4Dk~r>0`nZ)%Zq(&#+?`o89~VzgB z7C{?cz70^!*whB)XOYx-ar)@1Nv$)+RjP*@3Uv|@q2l}#8MVF=Tz9A7_2(M%3g&5M 
zn(e}-HNNwsaSmOqTTxlFtfcl`9f$RLN(}Y6Y#PC$t??<-l{25aB?6xiRgyrIAgV5; zvx-2?Q4n)s$gWVydH6xO9BqjPedQb#Nsj+^+mdLTF!>Jl;8H`Q|DuVZ(U{Zc!-qO|e&CfL?FeR(R_Vx@CeZ5&b6jJ1Rqq?q1*mm!X zIeMP9f~;E4qjLyFTBU9J;i%`7T)@B(cxkE{)pzKb1i@CSXmj6 z7q5}e4M&whbT6WH7QHpG_^)bckTwAdgw>QOt?d9MTbkMVuyW8BxoaixutAMy)y8q- ze04zf99m^q%RtqmJa^}X@#*K`yjDSbWo@5o( z*)fN>To`>5-t*uvjC($M3`-s(7VZIBRc{r#4B(m_=Kk(|X(`pK=4tvuRkf619iW(0 z?tL{DKDH?tDZxILNZ!RVGksK3Gsv!igT{1^9!8>&9I6U>Wg=50ilZvti`9_P$tao= zhfq-o#iACh%G34h+(J7HZuGV_Je>i9FT;XmATiu>J#XhoQ7qL?-IRfE!Kes>>KT6Z zr+U0cwSKejQA1T4o4qdIVYnZ+Bn0-e-G;Ec_H(%l%&UkX(q~mC3%n0Tb^scWe*TPo z4=3nzogZszUS#kl@Y*T>GCLalpY9#=7(&*@eppE&q2>Z%ZwHnM0Ulg}8F(LiG9ZAg zVZ25R8X+OT?}xixzi-p5^V#Y|H{;4m2}A63riXh*96#soD08eLU3D*!!iPz1!ni<> z2qoVa#*VZqVQU`UAL6f@T7wL(xqg`gT_nwRrhR)eh(CK9`c-Yc1 zdh$=w!QGQ;&0uz!ZrJc5h0>VbZEWgH%QA9ksvHzoE=`b4VQY{ll~A6mhg!slCWV4w z_X-kVYw&NVe`hGzFk7CPVMDeoJlTQ6v0Sf}f^*fYN%>gOq1%BTMW5@^>0X(5@p#L= zderso`YhPvpzz=*RX=fNfd@}%Y8gN=Q!xs=c9Ye%q%trR`yh227qV=jq0?N%*Rjn1nopsep4%I0`6TM~H9*o_9?hST5ywn67`9+Q|Ot zr{T$NM0G!kFH}^io-nZw!Akg^Do4Iao(2WZk0lO+sNEo$;0c#R>veEmm%UND$JiY; zpy>vp(w3c*S$p-#O@P{ZFp`a@BwXQPebs0@VaaVDuP;9W3FBj<(?B>914*hbUtytG z+S7zG@%QML_WR($I6c^pBu@s0U9XWP1;xOjE+?%9T`6%dt_@j6Uw$lfw-!2XHBFVQ z++;-NG$xuxZrg-QBf+9`m{U$NA<{T0y87JQd8W!-y7aNl7+Q3>YHIx?pwx(O+?BeE z>3EY+G>Ssnoey+qAxrC4CTePIQH1L}`4^Misu@C6To4zy1j0}LH2F50s6Y5`(vrfj z88)TbNq(<$%UZ9_lXI4-zTxL4p_KnE4>?9ZP&s;dq2%N3zDbZ3+bZJ4J^({iWA3kr zZQj%h7ej=_14{-fpsw^;E@baSdc6MhXX} zK9~nkm~2veAwH38Bcx*QF(a1RyWydjUJ0b3aN`;lwAxiPyE^q%SGFCvn%jBdUG{Fc zW2F*WptgJRc&cC9E2b%r*XC2ok_H{aR$ph7dgm6<5H$c=Odm+aFU>}$iQDxkdrIZf z|JL8oqxDZ@-ygL5-8zgan}AjOltD|Xv6|0Q`?G6o<9p$0Pd&UhNR}|IggknzSAU(^ zW*vmhR9JQ`A{ULPjR1`Y# zerdp|F#ZaAo*kJ9&zQpP>*YH4hJFe#weuapN^Q8@DI=4yZV8N%Bl>yy;eJ2NqZOa9 znm!y&B-=l-N*wznPIxopm*g=n_y17~-%JA4niFO?#QH_dOLV=SF+M##Jl4NoE*~38 zba}oGFB@ifdA;8sBW8L&KNA+nWV5;6?vWhc^}3#`HI$Y9IkZ2tEOWlZY32N#2q<(l zY~)!C7f*184h}8i#EC{o;UAs$Y$-XQ%Z`?{wy&->)w5@@w9bSa3tTQitykSVC3Q3ayL@;>8dbOhjRLxCY_x3 
zr&iB_+3-lM0y!ZajU$0?^WXckla~uCkEhY@XB27?WxE;=k+C*%Ok{=sYuD-J3DFeg z<47Lz57Yb?LVQD1AxZ|I82k52s8b~Mr~mKX^Zkk#ijBq5sjVe%=l*bH54DAOgi1#o z-c%6CXzy_bv?HTpXXdY@)wg5}1kfj!C4w$=lN>*s;~#{>NZ^(l6+` z!`)@ErIX+({Sg(y?>-PxOw0}wPBGdmqTq~0**Szl|8Zu5ahKxhE>vtu&Bo0?m0fY{ zyWyOSqR4kB{NrLh(dqF0ijXNcSo|Fdt_u`dc*wHo{*9HFAFvAbayf=z=V_SpV- zs=scWb2MjDKD^ml6gC%D9{^|HZXfQajFk%5<)%rp!Js__+vr^0?d|S-b*Zc^5i@6x zi6q1X>d^~;KkQ2`SqG3_Iho?0l5_&4MpS-2=C2C12viKPVJnplTmm@5S&nAtARm9? z)E9oz2+sJxL&g`=hy(Ezsx7?dODvC`t&^Z zdUj$6(p8LPzo8!ri6t|kBXy^;K|rIFH=%P8H}a1NUkmcl4W6iTrWHRlJBaPetx%s# zwio8MA+>Y9q#tC1BNNw}%YY=*DCuw#Tj(DuQXpqQZeTX5Q@W_{B~|w>4j`8GUjLz( zaXc*s#pA*I=#xsa$6XqAn zJ-ef0zB05aJT+9$S-bdZm5wT>z?UjwDtcX0vDxNgiW69fb!dwq=9 z&EvLW(QP{esyD3v$}phek%H5(L({S=V&lsYCKTP|lx||_k{|bQs!lwslPi@+V!Vb* zjTkc@f0s~Pg2L%b~{KB`XDtqUKSbkl6jLP%I7kpkL!~w7c6peV5XDns904Ltw5~8 z@zzl1Pgi;C(Am9BXj~mpJ36o(Pj&03$w z6%M0?{XkH)FbFS!S!7NFtq1Mafowy$d6raB5BM!!BS#6 z$xK{qj|dM~u;0^EfetXI8_{&R%It@v!yU9BcHnV7PBncd00vg*{;f>jiScP4G&Y6Ui25&Y9^KHP08Owo?@ z1*$CPUL~xAmIB*Mv>y-7TgpW|3henzf>LMuX|*?+)f6t{RZtRs$y+{fvOe5gpLjsVR$JY_h%M+$sF7=YKn#n9BLa~uaz(Us zH<%K1p9bqyv^x$y8UcY#mfx@HKHO^z;>J4>qsUW9j>vKgY4LVEbgb2ygraoSR25Pr zjuul}HHKaX)<%t35eBT80trxT@C<%5ugRmCC$&8~mHvaN6fOQC=JYD(W1^)z4hJe` zLeKUVcrgmNp#oislnFBRI|s#J))$@BcGxU4X6lT=&!g_)?}rm@Z@DlrTMVP@k9)@B zBCO$sx#C64C(XAQt?*?W+MVdJ(i9q@S14Xwj{=JijyKfuor%QiyCMFCt|%U`1!NY8 z10*-72c#hUBjWH*)iiq7;K}BC4A+bGykl5!VbJJBK5q(AO|w%!8$Mk8cB^28j_5Tp z97A8+RJcQLpcr_Lw0PbVCyqqn5VYEoFHes#LV)cY4>Ncn)3~HD3ju`AKUHzeP}%wv zsw$Am_@e_r)-RFqi?2S_cTbqm5≶^KTGW`dNO9aGP?R1j8<@P#;WOf9E zdrrd}LT0A+N{cc20$|_)t$B4%@}GlC9WaGD63~ui{7=~jI6wXQc6;X$bfHq?MuXJ9 z>|QzSgO*!8KQ4B>&bPTJd%&8aXf<0RE#Se(l4igqMd+Ol=XK_)l z0$2u-=9p$}k50H+4BRB#8z~$kb12DtY}GUl|DHbg{gI_|Di`Y@CsjrQhr0+}E6E|0 zQ#-2|2@Z-X(vdddogOFNPJMn};U7lMPGf$PR9(GC=sZb2r1sqc1~KM6fzG}x9Tgho ztU&yY%4y3J-CUIWk1qR`G7rPnP#^zB>X9u zSmFJbm$;@(-lp3AEnW@U?sQ8)99>&`axnnZ6pl)Y>9(&@GK+`}q@Y@3du$0`+S_Hr za=oYN+pG9Ne zs4yuuTW)LY!MwquLHEcfn-=uQw3mZOAO2nqO2-iMjlmJo{CBm@4J3obLI@Y4HxziV 
z5F<0!oxIjJxi5>+Dy6eVg7oUhDwTRz`^?-nywH}HJj~quR{D#1)E1_BE@RAu$CHE= zNr1!xtJ;_w$?Ss5=-`)R;$#r|y@*wWhO=FCO82&XoJv}K06$V{w?&*KB|m#=qoCf|=dic6IN&gr6zyue2GwOS3rR!OfS)S+ENsb(@6DRo z7f;b;g)WIw<5=mKN5*%lqdG4TIOncDO#VY%3Jy+bb*VoIeAs7#!a(!q)v!tJdldxc z>$M^Ev-IpU@ES{r?;~v6kz9cjtV}j-b0p$P=fjQRX3x8Gl}E=4kFJ^D_P2;Z+Zc%m zs{a2PW6+>`>SNF}JHEFLh5%YP>uy(`o{HSJW8g#Au=YvfdhzY1(4-d4k0~Fh^A^Iz zZBbSq+308aC~+u+dt+@B&!Sfr?tY%;&oHsHYOY$eyqT`pbW2V>3lfbxk{c(JMd09)1ysPn<**~?yf#Zz8?i+?D@6pNZ##7A;-lorkujC$lh-OLn(g~(KR5vz zSueVSy1Nw@4Z*?OWGAvMH57$-nP$_Lpu9O}n>9(_kjr`VrkF-8>Vwr{tF8uciB@Z&(~X>dTEjh`Y-+Zz-cEG7hg%D!ZkKIaODD^Z-BDxlZ( zU(991G$=x=Y_V1CBUj~?I8`V`Q*=NMz~_UYqUAj~=2f= z)~ybv+6y1lxMj`N8157fn&=K@W1^wS?q~Vh3X~+(J^p}{&5gNHpR7^Lp9X+Mg`O@$ zO%$xAIRR!t4{UVrpId!;=}+MyT~iE4^;>4s=Dl(z6(M@73k-SbL;45^G+{LKF_uD% zq0k{!e+&ZOkL-*Ny$x?H>-v%?5~@drmLP>#24O&l&qIVQNnD24TMCjlz1SwDogFem zfu%6~Zc{mQ<0U{gt|@mn+&XUfyz39`zqJ21Yh~vS0h5iv@lAmKNkr-PaXKJCS`rr% zDY_)ZDXbGIHC+`NS8>olq7KWTdQ`Y<36=>=ZU&Fn|M1Gb68Q)Mai;$-*}o29ybxud z0X&W$#XSOB7T^rN>XS{@SSl=zq=e33Ki~7$MuUdXEz`ck$he|o$2^^`nZrfxbL7a) zTHBK3!F6yT0%VQ9#BEG}4KnIS$r*cR(45Ltzkil4F;M4zh$P30FcTc}-8iV;mwSGK z%i8ymR-D=hJy31T`=n@k<7woGpa^?TXlgeU$&(X>AP(T3|_sWbaONJ1a|FAOIMg`*C( z?SAv@^f|O}cLwPRUNZjwgA(R--{v&+V?+w(3WnXDB46lwU!amLZgIYlW@tLcKLp7Nl;uph6^c|WFkJp*(|DT8gNYKQd zx2nVu2E|3bn-NUdpi^#xYYcPA{7z8plWE}xL7~w`i8BX57ApfG&H-f4F1gnE%z)3u z!ud|RXH9Ee5lw`~d_OBP$G+C+x%7klR~+PbzvL(hLkuq?00o2vK+<|+XWeVj`&Ar9 zi00s@Z>$TNCslGKS5N2b^_lX;GwGl&(>aB0tWJHdK?TVSesh7C4!cv_$tj3?QM^!OxkH<^EvH=P1gQP8~U&j1-ylMr~ zDw>zV#lXJ!w2iub{;QRcG3yD+M7c&iQu`s1nMas9R>Y^GdGn6Ovun&Sv?MD%u*VxF zRJwv$M%R4E zU>aCVV-DPSjW>m>z_qTqn2O33@in5cq22e&OPQc~#rr1BxpCH-E4XQaRt$of9*`=* zwL~|9&U;%8548H3`*0mJ+Rl4x(Hv*{*KM_ar8`{6Oz9*qM+d)6tt zu!!GOBxLv>x}VKJyPw`z^DpQ+!S{ z=DR{DT$^2JJX#U5!k%|_W>yueB^O(^w7i;0FJ<%3T^=f#st4`CjE%hW4J9lEQLk7z(SO#j^Jie0mCJMJ z)M7`orRh4X4Zsluji&NNbt$9C;zkd65Rz@8E{GT@^jK@zK_D2ysp5}Jp*F{Mw$*Fj z{ReUJ2g@+hMQagb^s={&*jQXio|OFG8M#Fu%WE?R^Efr_eKfzY&1zX7<&bGnpCZfA 
zhPD37*f>zAwF~zwR49bxU573hFoiUNc?nyWp?}m0P^Uhm@GfF_mo=WRy4om>kjah< zHI&;17IZ3u4`2KAhe>ENb}Vf;Jgd;oTz>ZrgTP4;Rw3=#Bu_Gbf7B~0NaGgR#$%3b z@0txl0^8|xaN!leL!{y&MQQM_wxqB9^``;!`WrB?T{I5wK<-qS-IOK}i)MnwO`j2h zkRv#RBi$YZyCXz02iPcffB~F8J@{TqK<@>E)aqq}FlA=K#B7PbNX@Qk<{l5{w^ zPB8vWTe(f#bT={MSSNOaO+7%QGXVU3eZGMWK^U?Uo97ZUVgM*xcoHc$ADL?x{Qf`4 z&(^yEL;6lN|=e{LRiQ0fh`uvegsGFB3r%=VBZ_eCZ5jTA!1#{4P2S|E{dYfy)Z*?&zy zbZNf9%lh%y#)SO){aIdGYMOU&Qq5|z|9;q`82~}8sk|EAAwMv)hm)fZ(V7{Ay;<3> zhQiNP=+%J#YFc8qFt>*Gz3M`yvIx#P&({*}i~Z5h3?)tswWcRDDAj@YJ9&!Lbah2e zqoFr?j@&iW1JTSI{^YdtgIIIpe*LHh>4DdNm&54eaVlH7kHL4MsQUXc;D>0X8^O(p zkoSJ^qUz3Vh8mvY3ArxbkFxAqU4>g!j%)RgytcR{*rU+HBiF`5ub$zO1XX2aoV?*7 zqQ*s?pOD{~bg@`@1)E>VPH7m-jz4a)=q^nUcRR^lxz=3RBUax)9Nb%YE-U7-aK^Wx z4yDe(gA@wEn^go%I5)@S9x49QyyCRYF7Ec4^1fN+RRs?QWd>8}Zv{7)MyU-Okh8*x zE@wuej!E++CvE4)R?Sl_>`M(C4H~V}vig1{O6)3pm>*pPRu$4h`@R)A^DB%L)w5g)AL)N!vG&P@h!oF5p;X+v3|yZpCxFXagI!6 z2olzD6K<3f0}1aQc`o-gnOzo&gqm~*U5WiwRrt0UE|L1MgNh0Fcgic^e9(~Y6OgnE z-13UYOhL+coZPm(gY~Wpi~pQM=$}g}uISW^+>=#D1RAKCzCQ)vNvHsEeiy(9V5R+) z(jYB~QjWfpKvdKUFh=%#+P7eyw}j$d|BQQCGo-*@Ex#i1h*Oo~Susx8qxDjZCd^$D z!UCk4&_MFZuv#UJr2YOeH*2AFs{Pp&4<;Z=PLK5(Zh|v?6*FTw;jn`1da43W+H`=* zc|RM$s~EZ;8OC`nAb2fszbXMRK1F2rWYPdC4)$Z12Dk|M>BqdH6ursbc?K{hiu6HE z2mnUv%3S@-89EgG@)GF4BUWj^DO|G+46FX4889Bu9MlaF>^BKe0uNej9xx4X;;o$3 z@GK&{4-vG!NZ_R&+>_frZnG1!eb6FqY;mVY-0u)!C>yAY-C;==U-$zJ_-rNu zxNWP^~dM`sT_AG%rZx&kL)eNVM+Z=)@m>lxL zL=f24P!S-Iw(wp)tQp8GD&CQXjj)bQvJU6HO)|KqBObD4Es$M69EOIRh5eq%=WJ%z z*wqXl-@M}6Z%?5D7>~+jU2_#sT7YwKl-#%Y(r0lKazq?7F=$%UgB;amKw|!vy1WAu zY(ZkliPcVQEPYg{5o#TVR@<^0Ih722GD)jnGy!jJE9A`NUUpOjPoP zIU8Nxw3P;LzOmOO3$a7>R$ySuU22n=ByHLyqkbQ0gvd1%7&OV0QGY9}pw~;PB8%KA=bGI=Y`3bMHW_ z$!)7VZU^+Lp(8Uy}N)CO((SmGHv#lf$3Un@obAB2M=C?r{>dp%gevD zE?t+KlpxESl&ufr72M4aSxMnx0LE|U{(2$V8bWxUlb}Ij6-M@D8pxh zk~V3~wMKFw9Wj8WuxZ&WU7}SI^y)W#7Cct9>D(4exJ?!@8cn7ko{Qzy@)fC4{1qP2 zdP>K($SzI4vR_j9yMZzTAtK1@JXCk zbzGV>KjgJsbIj}7_z9IUJ1tPhkJYV|{zb%K4V+k|U*yS^!-xtxE3p{_Qmiee&2 
zlY6J)wW<7{eNv*PY;(xrZRN_q&49ZpJigfNZ0`B_OAL3oQ8`--5&F(qMxg#0JQ_9O zCqU^2N&wfPL54#ufFROv|FOBqB*UpLG8Q@qQoq)($E&l~ODnJE&{!!(x1V&n)bdk< zx5z}6MJLcIzsB~twFS|1+4GtJ$!CnSf1`ZsX)5#KQ-MwrE5942G@t&4b*MI)cFJGY zS0SpK?J71A+pDeC`35A0T#RT)6NZRQ$BkD-_?NH|uvkFwbI7}xusr6ql$iE6Txkt~tQaorZh zr?Yn%A{iFH6nsOKNycQu9$m2COt~2wE0Ll`v>z^=gABsvEGEUC6aP}**yX)g^BFT9 z!i|+_)*!X-|1ftA^5qDBmuZ_@nnQ8FbB+4;!kEeH)t`3>?V99PdGB6LR9u+EU5u&W zd8511ad)HvaqD$v_RH+yHrB(6-@zbQ3Mq4|pEl(3--RSP-TySa&`sKJsO7VNE6Zgs zCN-Yftc^{7x_Xze7L7XO`+T0(Cmza>tf5QichnIA!U0O0Ywg^8Q(*%TuSx^yRUEM+ z8I+UO3*qkD+ik}@v{QO2msX@r&yon9u#>HEpl-Pvgm3{gEf|!uvR*@Ir5S$g;h;>6 z1ACt=RR`Hx!6tLijAH)sx7K%FOxB6jNr)*vn#Y@OEFV=(S2mlyJ+E^$4v`z2%FT5> z(LSOiqI&I;;}p7wVQLZ=XA|_Ag)O}3HWDdIdr}h zJIko62cC0Rz{)zT8}Y6Ix(KDjgQ3J(H;Tq~F!St#zkj^uKDOX;^|I9uG_`$E9AaxZ z6%$-1QzX-8pQj7C${Zv|J1%iTB=7qzR2{o2SZ5k6A2?$q8=E!BsHn2UN`4~znfUuk zf5j!z53u}&iW=a{W`oBtJO)VSia4wW8}h?J1g(k*lMlOh{T~a>QMDl2b1{;3le7~- zc5=(rlGsV|X|OhSXf^s*W##6@cHCA5C+WFP~CdlNB46G^z}Y6F8h zJeL8Nw}w#IH!e6hbq6KQ56K&1qlL73>e^OjKLLoC`ngSp*nu5;&DL$zzLBHG!I{ay zpNDM4ws%4=Sx`Qv2D`tpw6*#zF>wu0xA)zy4p05CZK)dG`pev)yDwQA0Q-~9g5^qUd&WX(hWnvLJ#}$|;LwWcG5xT2MnOh&6Ybb&blB&}8 zCEV>W9550t6H3tj^cEXQ5e~Y5b*c zHnjw7B)m`-W|k@*M{5!(%apxIZ7w47teHk9VGMu@c=4)lh?1`}?L zb~ind*c(tds^%PCw;H|1$J<^ueq49orX@QPOgNIhk{9H0;FDik(@8Ua^NN{UA2eAh zb#=ufCsgsHTR#(8*CW9M=bTbzHa|Xm#`nD8INVRq8{u|HbKLpObvm>M%()sOl7MqM zu`zoYpb+RtYt&?h8(-Sq^~qfL-!5K7JivfR{`k_#HH3CmQ7ZmlBBrWe%014i40lo{ z0%X00^fpeUW5o&X1~~w{+CfduqN@*9%3t_NRp;PQBNs;gaB~%ftZJF zcvULJVJfBsSS83N@S3C+WaJ()52PG5c{%S<G8Ng@{jb0J39V0~}qUz-Ryb30^i z;St|LC0xi>BSoFeSI6;b{B}mJUsa(s+X2x|IqRDJRE|NFAL_``IFR@a7Y$v2;H50O z#e7l-=sqMU(mV*Mxq_%)H+A^6JOj0e`01kcaPBLTjzUr((o$Wh{WDFbQ0X3|1vA5W8zcYjI3(GW*XldU@~<%U+1r6o+o1dr)`|=B0Ds!A zq{fzGoD~>j2+EfCgvS;k41js-Y(%q2MgWVBAPLoxWLqPv7F2GXCl?DqRZi9~8ZbWQ z{@uY>h)M$7$vI(hVs`O;aT-SbJ}QN2fiFEU-_3Juq#cyuN%HKXv$_#uta&n#m{l7F zkHN>tI$5}Oz_~BO&5;8YNdH;M+5;~r#@IUYD8^ZG;QtoR(ehxJ#<}uf0tGP0|F}$& 
zfB|k4qa@+2`!J29KIAtrTB=N&siv!wSX-$iZtHM-Yxr;BYxP##y8Z$PwxX?CYqg8X3QU%Q63{&a(KROWp zNv3gRni9XFT0B%bA@QJXX*wGl5ZGQ_r%Y5N>wLAaKmpSymdL|Qe`TV(x|U2 zmcG39;JdIZZX_%QE|h8GnzKa1A`q|6fJ(f@Yl5ubeD!uaOr}@gqu#)Gkd%hEW+51b zDN^|0!PB6&{b+_WFZi0qKdDp|O@J~ut*2_k#RZY___$_BHx7^tOc^$B;2a~jh4ud` z|46xMo?PVV+ceKA%ZBXlJO-V4wK&KIo&~c5UvtS6Q-UTM7;S8?u!`e%4dyi5D_G^~X?f|Rwb1M^>*neVxGcSdOw#JKN zNGhG^F`UC}eI5QjYO=Vp2X(pPpqW_a3&nZ3sI$SbC?D>3zKVgo!2CMS8$M-1IMg8} zY>Y{RxQbaBm=ZRt9fN>n#LC+%CSu<73Vc@MfDov`4<&Qiv$4$F+q92i+Dh7d3~XAA zI}ni1`l$$nZsq%-%kD7LfFe1yT&RW~SU1d^5e`sh$_JwGY9GQ_JPx=ODrhWUvzf@b zTimyq0%fS8Pco1M^>7eml_lM9qQKlwkbD;M{BkjqqZzPIww^_L)wB)j+?pc+f=9A` zVayfb?d~y0PNS5ag>?o<`^==b*983`jD=22iM$q;3t zAkq{Ore-Us8%EbmsRmzL{IwMXm>JfG0!e4>r+3$Xiaq>Ee`O z+iq5zgv-TVp?rpO>e>l1n+e>A;u9Rtt}|7W1Q9 z%)=-S6Nd&!aMBPo2ZDvl9wtz)nC7GM%8eGR5Ujww3?=GxwNz+cmbC6MfpDdv0`o>< zXNpse<3k}?x$>Fnnt#Ww#7XQv?%Z$bMFcdvHb6||XwbGxRg~7zZ6hB=AP~Apnw|yS zWHj|ZuQ`{>dlSO;!}C3>>tA!~%@$^g;I`1;#OXvGR{5O4t3(!Y%3M-|7mTUH4aT_g zK)+2dj{ojQ#|@Ppi(KtTKOMO~R(287gFmmmr%Y%ZP1lp*?vm1kNG3&Oe?G3j*f;9( z_LkzM7ncA;-V~bNr(PJM<3gyC=MN!R7#Py(2CyN=+`zPpG#oNx3c?OwQa?W-;qKVf z%($@$OA>O{ZAcHoi$Lm`)fd`lzcW^4zU#k6)Fh4D_eZm%kq`=n^l^3D_HoY>fqKo+===aQEeLDZcUR{^OTzS4V0(1BWPS?3Jq4;49 z*8Aw@HjKQQO2!+7yxRAj`sK|4JaZxMMIW>4iowD_({OR{`-!|b@UMAKaagiUZ&K9=;VZ}t`>$Q zecuU~RFKh0ATMf^zk!H`@9;T-_sr6Z}E*1{ojhAbKov|1<`L$CglILFdV?k ziT(2;b1KZa#wY$|nT z!%8Ctm3nk4^~faZVF}dl-wFg5k4pV2h9OBrUA*uQ`u|?>KcoErj_&Uezx`*-aq(E{ zvVI4-fOMI6INje+n%_0@zxOwk?lbwUvw-sW4rL-~tzEhn`0LLtCqZ1CHh-kj8t9Ai z@qOL>zGUr2Hv&^5wkD{yt^#%P2AwRR7svMyes^RYgB)@*ch~7e zYamdDgj^uEdYk$WD?F|n6XHFwl32mE?hUa$6IwfDQV{y_{tG&aDP-6Gn@?gdDq>?D z?V+=4?3y*N;jO3`eyYvA#*oB!hKOIyLWM;z1(76`!sGk!c@0T8J7@FXp0S?1E2gT$ zl;k_svnZgAq2C88;_+aLUcCZiScAunL>Pz9j9}eyMIkYTe*AtdYJ(;IZ zMQ{K!@6Z=G-P0-Tw0OgZqyi$T=_yMHL_dj7^s)l#{@a;(0oEirue3X%4AL~Bf|&id zt+>17*wz^ioh`YhG|Ehl#X7MJKQ+e}^e34`PxVf>+Xr@5QCS(dCS?8p!`M3oX%cm9 z+GX3eZChQoZFbqV{giFnwr#V^R+rKB*ZcnSMa;oW#2h8|+B@>a=6$obK-?g``45X>nw8raBFKF; 
zaEybvG-1;#Bh{9{;s`Yn#aV1MFV*fqqqMONYG71*#@B@2@x*A)G#;mhYi1{A_s>7= zn>$&Zq(;B~2SdRk9dCS+W$*YtMn^WVgpAxf?%&7jdHCUBUatK2-?TXe4oZU+!98xlve`MC)6?xY zt@b`lN`oAq=l!1PVQveV%|C+|TQeFOl6}VUSY(FojHt8e94Fpwl&fU%kda@fFefN< ztgH0IoYuJ&0)0Bli^miaJjxeA+H#Tchxt)P8n$tdKtZv~F3bw9s&T zWnU&tdX6V``iy0M8)vnbL6Q9O2}h=DL+Tzh2zLw*wnv1I zel>rj>4h6RXze%T5)gwzp*Nu?w?L+5#ZGk0j7bSBv^3Uq8!sKeDnV{|WQuH}3i5e~ zYHD7DVmMk37E|10|A{PhS`G#_Hl_q3NljP`K^8j>H@mOrOC*uH@;+EZ4U!BEP$lo^ zEEqvF93yPr#Z(PYS%3A{eFCB~Pj(@U59Bm;jv!sg=*l~b+)kKLL$g41c&dFGrD6hI zWed}Djb*-?$(bilJ=FvZ98@`%E1z%7``8_aq6 zw}6Sp8)}%5D+p0`IyHQq_u8Cu-}%?wKFV(Nc6S%RG9)g%ad8<#$%&6=NXy@HNsg*Q zvFs?5xexcBy4|ey6$7`1V8ztMc@Rf3H{Z7EYyk+gR1@6K3!2PEDSH67P#b+xdhH}e zj&`oFI{zn#MG~woD&#b(CY6j-(*-Q+&5o6!ycf|ok@&hN(?FkF;S#(BU%OLg$iV_;RFas1#U~*jf0)T+({-#PqCzf(4qp7afC7zLQHB$wsMgg1& z3?u-Ol@o>HW;Z?;6@d%PC!FCR(_9lNpWMhJYP225s*!u*c#SHcm&5>jLO`k#NU3L! z7-?l@Bl7IOFm*nEie-mnf6$Z4f|mw|wAvHj+TPLj@2-Shf?%gqm7rVVlcaGo#BeDw zA;<@R0l;4pKuEQuG#@^a&3X$K^+U)oJM0}7w;Vd)O&ggwh9!SHHfn21|DCc>0&EDd zWH|SH!MNBY=?Gu1?_#(vQBc+W-pceI0XeIgGlxUhp3UOUH-Sp*8e?9-^iQ3|*fq?b@Q0o_6LGm#Ukl zA{HGBaJ*In9-=W;>perZ1&xL|avCvp9I>+x*%?b}X))-UG@waVkQg9f`%RLbbKs<)yS8knG#K8!3 z`L~_l(-;(H{uKjaW{F=Ugq^vQ7uOgMa!jQd2XZXwCK33sRL0E=V#f4+U1Tn%HO4*EhQYD_?(4?m_=vC&E$eNZdRdFWzfsA z_1n)wUcz?VEKUPIVuK>pz(g2HO`+AN_Qp#^+0-Wq6x~-i3LwNfSPNaX79R(+xsZsW zNj7lKK>wG>!8QSgSh1$kzU9i@-~J$J`S^hx$*AE+o-IRJ8eO1yNT-5Ee~P}8BNlsi zkfMB|yYK>=U5(!rlxdS`O#(EmW?b<)fS#CXsGQTjv{U?@YLTKP8?}4cqg;G(I}?9l z|NW%@qU8DvlJ@k-yFVBtA1Nyz?Im8uF6-C{zh`%?^w$G(tdeo^CiLuj@|4`}D^mNZ zOvJ<4MPJaWDTqp?3?3N5_1gl{(ETeVyNm)P-%h=oMD|Ne`P3{)%4~B>E$nkByo-r> z1s`j}P19BB;Um^A`!?TdKxHJAoHIjRZ>xjCQh4<>^#LVFINiOM_2_r}ZksseXf-rZ z@@6oStXN=>-7-IolrK4N00{0d-AcgBCi_ikHnNM1qdo0&ZrrStT5A6IO49;-grih$ z(F^>0Z{GR`+kfia(vvSqxt|>`PO;dSD#9v&{f95Oo*r^DDHT+2lb3jy;<$RU4TyVb zkx7j<7$Ow?fN?L250caLRRcGo!!+O8Q3+?xh=&How+;OZCfRu7$a{XKN) z1Xa80-p_&87wtr1&~TI!jGvuUE7|hK1<0n;aU$*2Rg?#hXEr>^e4f@Bl&gf>AZXSl zQDLW954N$9pTm6x$iTd}FUX;g%v+2JX7_wN&1_so|NDe@g&+3~%rGWQDMy#%?I|J+ 
zwQp-alKp!zMQ&;OZqs9kI=%dfVJ#43(MFcjo~fc-b(D;r(oAd)L+LF{BR$3@C2esA zUbk#5_yMP`2xyjuLvL<>$T)7!BzhTC13)7~GhA)v*oqntk@fn=oyAPgC(UIG^54(3 zQgvhkC}h1{u~UkNf9yC#G74ayYymuwYp`fHbfoi^HQcR{R!v#dR%o@}Mdsj$QQIoS zp;r3*qNh(CYT}htcGXd|4eiKfndfpUboa|0Rb|>XSrmM8%ra%`+i_O0=4JlOIay`x zeo>9oxl!yBjRGU=^R|2(oD)k78`I=Biw4W?x}wv2>hAkn5uVUNXK{h@r8c<=G;pM3h1FyHqQyS`$`@h>nYyI-R7mzC1>G3cR`W(`YU221vq2vRzQVX(+M3}C0{>P9$%5o; z10sYtB{9AEVoCvAPdv~RTmnWU5uJx%0=;z@4pk7=0~Vlta#-pu=($+H+i5aB;;r@I z6Y&zHVYZ01*j4`~X*o_@>;~0}ytmIz+b6t{CMsUC%rSR6eu97R_IRPq#&rQUxEddh z+hxGjY^tfYahBN_PL;`DA7|;avi7Uu?Y&FY$2a-H>Hg^$B5$Eyx-MRc!y}_?veckZ`_b0yj51Z55ARsA&<}qbriQ!o3cR`6ovn~~M9_Y}K zX5{8J3`fV^|11WUraaMfPd$+hYb=?B?Wu+dG#0zH#^T6q04A^ZB_aXbsh8_I)bn~$ zC1h~LqRJ=IEE(ln8&DW+b9~ZmybvfQB{^3FIzWlC=3h9MS@RiG+-nGW8F2tK>)xG< z9N&;*gaYZQGnG%vW~p;D=~3@DLmV^W74g?4^1K;--@i>v+}|tg_53^evE_y3f4f7idcggvLmU%Kj5Z(%%+B^Xwu#(| z>B%DI9I~4icsb5FhKF~o?${vBe@9X`rF=Yh_(9RVsA7Bcl%OZuBr3amE5~PE)2;s% zNY4o7uYX$dMPT_m9S#V{8B0tJhzg>jPF`1l5k93r5$4a;Z=XXp7xo^N?~A7xZ5+~{ zzi`>}!qN|*wJ4N9^UiN`B6{?+e(IgkO(B_O8iE*Ja#2U7E)dry6FXfxLx{|JZYh9; z?mJRb>&(o@U)*N8V^gx3QPr_X!74mT)3;f1imD@rgziI+aO{Kp0~irsKNvlu>^*|g zO9K*;>qDmJ5n;@m(mJD7z`IuJnWbs3dntB#Rs5U4KN_~%VBlky2Ja6*UaC`6$njol zZD~*50{yl&QIXNC-MIWsqHUc&LEj`tyH|7XsZU!txR47?8RkV#n*_XWyp;gtPs2C` zIYe4z-2|aQyD~7?WH742SenSt@*-iJ;z95_R=R%jVJ*2Ms{2x3eVM=y3w7ed%SzHTKMJfl*HpwWmL6ZHdLt@acXYvaRR5|RyYtE%} zOeE~2%*7yzyNHejI+UGknpC7Q*Qil>@0*C^DsfXBtCJ+9bItU=Qm)3&;Ds44@Yrp` z-5)C7d(4Hm!?9piGp`?h}vT(WHntO*bjsC5VsX)=T9Bu zGMs8(TvE>2ImAK)oT2b*;6x-y9-vE}uKKbCTGt}%>$eM8+?1c8*%QX-`U6Ww(Omf7 z`hsEW0Zfw~*Dx%dSH;TUCMe=Z4@zcE(QNe1ej2Xl!=;F!WkWLsa!_f{Nn9!#2UsHw zEx<4wr6@Q1khR9zI)A_fu{F_=QWtv4E0<`R;fAEmYtvMs;BXly0W8tlmp>h2wK5Y? 
z=$U6?-dC03$f=zt9o&tLSey5tnBg$ zoQBriz5l2|Hep{fwSCqxbWbGHP0MN!8~p3_Y-j-tIU_rtcQ%gf_bHs-<>URk39de| zgfV^bg=KUMg{nDjzDb0Ja@moQ)q}(Q2!9F%2?Y#|L19^dRAwnLouY*O#ChhvY;6l` zwj;+^Y%-slJ+1j}oTC`nmGBLgB|Kte+LnSu#9-8>FKfNkL)+TgU;Bt{5?UBQEDKOe zYO;*}Nq8~i*T{o!)3L|}oyp8f#-cd6J$F*kgwTMB3wK_D|DE)VPax(->8uU9SRv(w zv%(ZTWQ>uZc$5yF)#RNwrjS%{GXWEE=H+>y3#=J zeVLZvDz7J3>n=q=VpqN7uY@BxORgnYWh$g|Z`_ku@!-#-@~MA?YvwLIb>3#)aB<%e z(ixF?bU@zS8>3yDitFqver$dx!Jp2eRDxjLVxjDAsTQni&ax?ZLQV!Bv9($f1mXi< zH1YTgf8>XPb0ETbTutj!N)@D0-*qR=Ne{_V@frW%!Y^h{(hXc!yfpCUR$zZ#*ZF@v z)Uoo*!9ugTcs`$8tyK}u5|2=ws1o88fC&!{d4CuT*w}@V4E4mqVB<=a7Kgd@0z@uB z51oCAJQbE6p4~|!f@Pyw9%qqQ;Wq$Y^_+usF918;!C_c083ayG;E!*m4ufhz`5TFVBm~fv+ zD+rFfsB>+qePD&C&F4Sb>wfOU&u29)Lobs}iH%Cmuy~#v6mF*q65H@fYmURDjon)l?HHN4pr1Ivi?WBJtv`!l}ASMIK4kCM4ok;O^+Gf8RTCVw>?cweRuJ2Ujpg!n z!8^*7E&H8w3Gmssim2WzhoObRsi|L_@yF|>-|$6Y8w+LEO%}}F9^V32(xN(RqrXwQ zZOp{80-i!RId`vyO#3?nd-^>u4$sPMO)Mft@;pHRUnz3+q6ZgMDz4-<74t^$m_lLdgldgL4Yk>IZ{{F(N4r5~u zv+MmmVs7Igj~KlR&KB9gL9&tFgbV6r@w-jXfos>z3KehIYT)UcJymARv_dUQU=T_4 zPNa2mXoK2h!oJw|f%$h5=rurTP_9{Sv4wN=ZYP1?X=)WK6|K-VF)oK0ihUGeqm?<# zo$Yt&d)Pif4FTJ8J~>LzAy zLs?jECP^gWCxsQm3IinvjkY<+Mp`i;{6mzTX{nGy6VF4BRDu%c8_Zr{uc~?Ey~#_b zrGp3`Pca5{;hSe_tW6?(p$JN_% z^$Laj5id2QiD2K#f>f}Us;`y~Qr9F1DIbf-v{ea5IoOo`fN_)8m~RHrzAJQvcBpm0 z078nUqQcQiu!5BuVsF>ReK?w2Hss`+P4Texe1^jHO#D-7f_Qb-CbT}gM%LkJfd@Jk zl%OrErPNW2(G+r82D9+=P0!NHHPet#tO|%O$XXH;F8IwpwUoq!`jK&t*I0TTnN(VS zVzDG_8{EhQYQOTLIF%I&(Z9Li$ukju;X)+xr0Z@mMRTxNvVO*dRR zW*zfzIr3x!G@E+}pW9*A$kSYqQoi`{0c$qv3!if+o5Ne(X=_i5b-tguU&@&Za;8Yl zEM~JvGkhAzLbjTeViek06H@k3eGE!g$*sePqeJ+)eIO14Ekajx3*NHZtsU4H&nq4N zM)APzQ-kae-IMZL4T}If1I$8snyQ}HR{LpLa9&vASNP)@Zm1j0rp_Pf~ z9chKI)ze8+8OHpr4G>Tgcyqa6fZhm@ce>FCke0gER(l~l!+mOsg(QNq{^j zra~AR;k6H|Yd4}7V(Z#kao+#3x`@ltdd&>7&Z>8kcK^fbV3aJ}r@$VlrWyRJ`e{8> zwK(gno`svG@5`1Ymb&~xVz?BfO!fS}x+?z{(ud2r;rJ#*<$IkYP$F8+H)LL75*F>4Nk;BY1RJfT*O!=_*UznRi0~!rs_>rN0Gs=!##mz~v{5r`3^I?RjgYroEc8Khv zv7S`&1Fstk?*7bO5ZLLc>#0%84vuIEM$d~Mo5QB3hAdJY(0&Au|Hn&sG!GkPHvn=e 
z(dA`{;z)Sl6dX&x;f-Nr`-Ndmp-yE?}GyglsP@kDHm6HZ!x9>_s)!PjF*4ADV2-}){t zWaPsPrY97aelC~}@=pxouD-5tx|x!Qb!i++K;IB1#_+FTS=vHu9uwRzK(DlFehiFM z05$GZfvW?*Cr|MA6K|D6W~%gXHR@QVb941C*aDYCZrp*0ko9Q&_Bu~%H=uOnby@aP zjK*O=wPlc#axD~1z3eL07;f@iV>L{Cd8v9Bd2T^kw^&Ed>4i15<6-4i$GWb=%P$%+ z@!|8PvhVv51AeEwBD8(`&*KZU9gYh(gQvI3=p$l`(jpfz%-1uL&zWWjv`ssz9yOim zmOt_u#4gxQ4A`=4pPj4RvV^&X_gf0{Dv$0i@&6E{r}sXUWx9*_)%TX**&(my;xAIG z+UAe(=x9`7haUc1;r<^{rEGO%4_1i$|q@hJ=t2EVTQThCas^7QZBhu};ex8*(kS(5(W z{9G}ieu3YVQ*kkFd4j(vM-LpGo!8QPLXluKW!9lxmync$G$NLa9cis~JHdkKFGX6Z zS$nC<5;oY#`sRIADNMU!PexULuy-sg0g24`#1oU^xBof)XNyBRGbZ_$d9m9f=077H z{yzs_lNdJtb-4fD-;QBk^oe1+^*4`Udjb9$f>8Vk==upDB%N^|#j?7=_UF6*8N0># z-~D+?K6s5gB!OO_7%`ap5*r=r22iDA-MT1AGg~* zi%MZ3)Nsc!M1!UsN?Saq=P8>Tt4qLXV%@fav$cITjlYczbnI5VPLMHNCW)4tKy9mY znNBMJnfVK9s(Z=r{mp!i6{Q}agTSfm5~M!SR;BW+)_^T)7^4~zZLKJ07%?s|h?NF- z?AP!yVTl6qZ$ez-sH+r?4v*Vri~<=EJdS<-vf<=Y73Kg+NkByRhTceZZIAD}7Xt=I9vT z!8swAf?W43LMe`ww}EWSGT!6yJFY5Gu1W=)Ly0DD%y8Y2@NEOT zs3e49?z1h1`fzoRG|g?cGMQ58;OaFG>oy2K@tfmdG+aZ_zkuDvnCkIRNe75^w7Q18 zC!qipYEO#f@(R0%JQ|%UENLcDTG@E`yacFl}=W@KsjEW$-}F^6NOHShG5N6%liMaeL(1n>z_MH#tgN9ll?4 z@<443LhL?$FmEH!+9rXsb0>ZJUxycKO_+6zd-^mbsJ0F>A^Rq>MSna^#8>5XZcBr`jN*Dn3&LDqW#`n_*9doXo3v3&!~E3g@xH57}&@JWw?R;0mW8fa>zXeUHv%v9#28al$*~#aJ12k7UV;$ky6GkB!3#8;BJi=3U{up_)mW)p@w&%op!;dTbK)# zPlAG-@9i^1;F zO9oazvlg5I_Mn7<4|SLeMXk}z+jcVm33Ug@I;6w(mgF`S^Qg7OqJIZQ@56SU*Zq=d z`N3OwQh4~`0~A$8qgaJ&w^RT}%bCP6s^q)W5=7@k4Buf}SgkpH`aNz7mQ~i=ThdAh z9x-uaFE1J9A*%60e+&wNHCR`#zly4X7mPAGnxv?+SD5!^sY@-5UN_@0qDjc09s!03 zm`Bez^})viAdN&(a}nHxK^!IAqXgu^N2>T!v&zq1bc2?73d;=Tw+0Gi`SE{`Gz3nL ziTj8{z=%LZ-`}V=EqCW5<)NErkPdt;UIjx$&`MH9-Le58e^=2~LErD;wNak#?4j6C z&zsFGj8P3DgPx1_oJgtUj(|+pz=h0|-^0bCfoN`mhf0&DV@k~|-wfFQMyFl^B40PB zc!s6V%L=mox1VQC_O?xt=*Kz>JVB}800E9a6du`%=<@M{I%s>(?z=PJhe*myW65H! z8jgENR7Jan!$v|e-&iQ(?nv}gQ$ndr{|S(P#r{(WYhWp4OM!%+}4qQ=)*gWm=3=c(qD=?Fho!WrL6o)5dJcsr! 
z^EZajVPiABB`*z2#CcCngV8#sM{024zFUFHt6!%c8Gsaofm`*C{?iieuwt$*n$J-D z1$m>!H4TgFHQ^j)r75s~aSoX(#3GL9*4v3AnSXIzuIOn5&|S#o;TsiJU(+q58oVjh%G^kIaWO&mNy%a)+;<1GQrC=`Qu9JH$* zl`Fr+O9N`PGR$YNIp4UYQTAmEtTn%s9>saV|IoqnySE;6I~wBp8zY^u4ADw9B)e(= z_l)w=tSQPm%W2O}a54ia;!Pn6_sU2M-Xk8@Q)DX&!_FLQQt6G|drpeR#O)oqSL)!gH zZK-)<#?jr{By2nz6S`{55$ONvHM8au)hSy}IKzU95V6`K389M8=d|mP+`dW5^Yg4! zY%QvM_avo1y=7*inqu3h+YvO~VIeZ2mZ_C9l?9F1!iu`blk1l=rIMz1mvNC$c^%{R zjjD388YNI41%(JM&UAJDnCSLc6}ww4_2y#1Jgh;`i?>%1Mn$G_}-;b&j)!;amM7@V|xP&v}rhC~xZAFqT^XI00D#{1*zf8Th#hp-6mO zDL?b6BU-N$iJd?~wch6lM83WIGp|gks@8@h^t*kvOr-lx?58?BUe+*Epq#y?-tleu zv$j(Pjh}fY+V3>#=5Z6NnN5ai3{*vcHiD4CJcMJsVMv8HXh@-CB9mMND_)V6p&ubQ z8}d##MN+{|Ibb-)RQ*Bz6dx6S&;N%_E*Fdg3v}?CA-#+ZUI$Ppx)gpN@Uk@V-K<`M zusec~>;Dz8bE(d%fYFAD1jL{yD3;|GFwjEn{Rn_UGtgn1OjCo%^d$qkQ?N3j&lHN1 zVT$l0p$8XH1i60vs~jG`63H@^&Nt3}?aXn7l4T`yy*EA?)WFqUL^D~9baFPPRe;B< z{LvlJPY9rj*{0d1fL1aFw%Z$j5B4_T3;)$iA+nF2;Z1k#J4uVRl{Ez9GT|ap^d)yo zlhs~Hx&Ux>=FijC@1m_p21CG-PW6;eZ@dmUDso%K@Uji$6heWRcQqIH!JvPL6x3f{j)5S{S;hT!`+FkisHmsfG}zR2EUJFL?BwFD3_ zCs6&%tC(!TwjoAbL7x?}`YE5*d)Z&_z+g5IO|ztamS)NLkrr+|7CYrz&fG+1 zDj*fzA(}94li%C@JWjPxlh;qs!P#Q3cnWK2G*uN6E*Bq7!cEQ;l(wJ9D!o(?Gl~-8 z62FDh2}I*&fSFY10qGrf_v+ODLNKKA38%Y_2tsviwS-?Eo8(F*(7Z*@LQ5BzURavS=1)}+l)9^PE?XFlK4QlA5uW9XqXW@ar0*iTF0_% z7Tc5H0m50#;^q<3>e;CFZe2BsFFTu`{~1z{$8%WdAf%UMqR=UYL4t|BVGLA6A8TSaXq5P9ShhTrMI0k-+6hYIlE? 
zVRUHCkDmF0f{^wP;y;9w+x{R}(BNXZ3NWhO0(@sT(%8GfU|U?I&LP|o8T|&AQhKnK zj+3X=;ynk63j$-{@@o!9!-x_%{w#j)ckcxC^cf5*UzH?vUwZ@=Mx9lU{%w7mVb@9w z6`dC}zmjC3#pZJ8s}JS~G3iQ|Mk$5PsK{S*oY|GMl_Q|`eZ40*8Cg@eiaY&5GavXN z{dx~clxLcPp2bULAV$ZDW45XOjs{@XS+*s8=$hvb+Clf%;)*d=f6M;$yk=J4(+7ev zX8vJG$0z6RT(l95mL?grvzpM7PZw)zFIJT4Kc9NtxJR_O?f->0d9*lDY5tW`PyKa6 zlN~P(k)EGR+G?YC3d*)nD>Xw>XBz5D-R_m}K~@FU!w=>gkyv0I_s$!oNFj3%em!zg zQ$2BV=Z1nez_l?uahB(mHt{LB{DxcWyi7I4W739M7-!!2H0=h4Fg_rdy?MpEx2y6u zSL0i%M73PUWA?8IB>J^qv#TWI<6r53@svsZb1{dnn;S1*IH5HZZkZpI;7MBGErH(I zBq>F+c$xFh-bNyLGLZ4vZ@=@ND+wG<`5SUCMA@q^xG#_Ao0;P*``jYfwhdeOWiD@C zy*N*DS0&^@<#I@3iVI%qi3l>ox4Zxo?qhejnM*C3HsRSRdBDDGFibdFnY0JUmQrDP ze9AnH&M`|*3C~UsD22RAnF7gRiY_WeMXfjF_YwJ*-1lXwv0mx5-x3<{Z2&YN%uOc( zCuE|{9)vn{W_s1OM>!5GuOKbQEqj~Ccxrn%m}|pereMu(?L?ytJ5_9a=|2i9#a5mX zaQ?4ov~yz^NbV8v>$|ov$H$WACHHbB+pzA~!WpA2Z}pGQ5jfwT2DFOkWM+NA%8ne{ zF(s2x1j%{{7Acv=hcuh(fMw4LX<^LimjLjr_Hl9DXE;Ai2ehUJdN+qhTTerpVK<< z-%ZCcUgF+#;zr#?FuZhW>?0YmjVLIhSdde3375QhgmhKyOm(X^6vix`KH+K|rjfb#OIbB-GC3p8wbI&n@F7BqP>atIrW`Gv|5DE8a9AYsU&LX^vMkSddj zNII*+b;DF-{4^VU2R*25*H8k9{YPROaC__fqC-~cf@Svl{7HpileS_o3*L9*=i{`d zvd&GQ4pOsl!6^m0v~F3+cXkC%jYm!pezhU0y?f;<@bYU1x-^>4oarDDwIp5T6u0;X3n$aN2Tv+ z2<(|1JO3tpg{5J3tXQXnDRh#%Kz|n=%C91!Ov~ss{o*WQHNI~I?5AIfwjtyrfcV`L z0)tg&Q4)T?EFpFt-}im7eH$j^3OA;AUafT_AKBP?HG(z-1iCaf!O8R{N1;@aMS+;N%U^Kt!?oP zae9O<26E-?MG=?3VVcvpk7tzTU~4rsi)^g&d$-lt@)ycl_$IIl{#oAjE0O+d|7qEA z);kby>#!L@52R*zbR6ZnbI`?2BnTx~9E*dC0t3%p<%i3bZQX?VCVo2^_j^Wx1*>6{ zG;*$X;uRNjR>yk&OR3?6%?#$A!u$uf!gXIK1Dni(cf_ur{WOgT=jFRG#PMVk+`r$? 
zZ+a>0a|I?&bqN(VjW$8;fZzQ@>DH}py_N&Wm?!p(GPzlDUWgr$->d9%G08+G-;5=A zcPKE&X)tip&wI^qW^Th6Yza0ZGUTAi6!VRsclX{;FE5m=RJXe%MsfwKq(&bbeb#%4 zHx69p@ttlhS*VM=;c+QKBHSvNh6DB!Qojb0p-z0k(>TNYbgz1qVDqYC7#&szR=P|* z+D9tXTspCPk^3``V942d3~rX;$!H`aH`k**Jgu#*Gxsz@B^SWYEo1eX?TW6oMR45= zzZ@`b2qfd|pr{RNVODSlhN|yW6B@g0q(_ud+pFSVShVg$TV);EF{fSVD;#JCX*ty7BcvwXB&JO%4ak)DKZVP1) zdtHowA>uoi8Q+7SZ6VC2qqCPU0562o-K5bq%03$4Zl9T7(*MpNl1oRI6(K&TrqJw5 z1Sp`{E+Yhjxogw7j8|3+uZ_y&*p#eeiZKrowgl7)>zMDDsUfjH;G-3+;PqcPOpsCA zJ5tI(=*&Am9xv@oZL6=)BQ+B}#38LtqT2VaB(wX)?fSo|cE3S1-5=ipr|Zfnm~M2( z>BSOU%q6tcB|K8B^p9R=20bTQ5P9_{j)7c+pZ_xAYuJMG^6{lUa-xUJ&9816R0TJ} z_MHaVRYWM+pXSxNIOAEi9W7b|{mPS3+`Gz7?$)~7OFxOGiu0DjrB&oouWnE_OAUeG zueoQvo}I(;kv>+$TRLCHBO6uxc_ptr)>S#1(W~&Wr90N%Nn1p>(HEsXtDc#j+>(JC zFDHcuk|Dj6&sG_e%Tt#owvzO9JDJW?BdH7BL4fH`Q7X}ur;yPMRRR&kXa{I`794s) zW;}xFd^*f*!yKzi@oSlT>_y|TjbQutSU2{Z5UJ(r2WZk_r=7f$3UL=CXbf}C1;Q3Q zyHhn)3K59X#&7~w$xAh)>9rClcVZe9XxbeP>lf}}G8%<5%5&X^K$G5Ec@sl$`5lq-$`dZ*D#-xWIq4V8{cQ4Q6|3#Fwk=+eoZcw|hOCPOCu@LBa%;HDGP& z=KOK8irF~d@TAblAZh!s+Q_Bq(u#vq05WA?ITyaI5_dWsl}7H>?Zwq6fs z@a0{(iwalD3owkTVcl8bPxU+q z>s{Y5U1tQd?;;uhv)_`IV25Nvn3_xEUc=m!_cG^tfH`_0x;x)Tm${`^7PQRNef_%dCe@t9LPOg2Ir4pN#m%mr9 zy^&_3r$f?&3De-~F5br_67nS=&jK#!#D4U;F=Magt`R7SRAwS&lQj9K|8cJ|SX3S- ztkBJJQ`N(9C-;mamvcyU%}-;T4y?sul&V42O@tFs6-B#gJY{cTjvK7eDD4Y$%e`qu zvKc^tY6Y0Ruh`gFYA!#A)@Hf(P~euC;Hi?flbfOLok3*XYCh)Fx%VT?Qc{fcd-HJX zyN<_Q7X{>MEn9_yfiq`9C>sun!O}tT@d!6I{l!DW*EJz8q?7fkPcNVa>TE#%H3|$_ z(XOn)duB22T7KNxeuv@pb%(OUHe`AfG7^(qBb=y<6o%U#|`?%ptMRfYvyio1aOpmrvzXSwCW;}=zCHVrD86U* zI*N?^T-xL}{x&x2wex_*g4re-PF#wsm^+!5C~|hxfOU95uzT>LBH>8l@RLs$l4f+F zsrU*@WI5X*keYSV!F}1bgSUI<@{#ciq#b9?-k{qz zZgz2*t+onGOFiRRG#Yyl{7YD67@CbYFF&f(;93hnn(%KCWh|M>B1CY)ITJ1c4jumY zW@(r)IirrkRxOOQT=-yAjUY#gGOv;cGZYH5>QW#?sfJqrb&pc+kiRlhz}gC(d%YCxU+ zB49m&8qqe`0z3VfT5q-KxnRBc5>5E~BD>6`L&@e(YLAYYKcCNIv5VH!-bF@o6GK!@5`Ty)q5cBcaj~wjQHW^`Z4#LpG(74`c6K) z1?+dDIk5%9s57@XDzW#C=4JhQIo25fRPN3u)wP$KI!|GBd9e|b?>)2^Rp*q8q$`go 
zqeqGQ$A-nGq{1Q%aacLF?%Om4y*0!`ukKuw)l+haRCE7KiAQbqeXTA+t>EsreigRAvvw zqg)v1Rnt*34JUK5r=OiMD(yP1J+=`Pg`6(0$|B#=(zj!@tgVIm(51fg$uSjOLGhGn zXj_tx;-oRo8SwW^J4&mc9;L)09`Z}{?WF>pPiB2UYf=RBKe)R4cY0rsk28Mp4<8Sz zN)m?i_|q*U1xh7YKi~JimxtnlDG`MbUrpBqDEG_xn2!u8SQ7B>oI?dD!R5k?!-9k< zL{}V9BI}CfwJ?ZVHHRdX5d6|lMX+ukpkY2jw$jYASwGaZczn&sTWz7+X*i8PTRmKC zRlNI5pB>-;JaQSvugAyn{^b4P_;{o%Sd}Hx5_9c@PV~&pkQ-i&QM%C7J<;~!U)D~< zIkl`!>J9_li1Iwp@8Bi*`~rXkD0V~#J8*uu8L9cTH%k)Gdcyw3fHDYD(TGBL1DFs3 znh3l%G*HWQnVu5W{D}E~srlV;TK-Mn9T&|s_BnSW=bT++%}mky*w@v^W<`Lp{HsqFlSh%?R9fa=Q&)I^8FQVQF8LC4&b$E zFA!b#vHsCqZw>-@oZup%(I+LYfQfegFq{O^f%oa@Yv#L{YF_hrXBPQ!jF!rKJn_fc z)nIAhcFT`8EH@s*hCc`PUT{`NUZNt$tq@NZ_|~)bi2b>LT+Ygg#X5V9c7|wu?P}7P zJ#tVZQ+k>J~QsHPO7qH_wRrk_8>Z^z(Yj&xbSdKsjES|VS6FRtcQHc#Yp(Jfzv9Dx_ zwK1d;ZM_)`(_UQrr`YP>=Ucc{ zlCkIKUs;V^?*HfAc)JJlH4jBX7k-gQ#p{J$##=gj%LtR183N#y@Ol!31En=M0T9YX zC9?3vb@pcUY2V_>t+eVD0z#FUwu5|qWl}`?pNxm)F|o~0xW6%dVOgY$7`Q4Lzv!Nb z>)+8RD86WvN2F!4e$?X#7Cj{5yR2-*?HI$M+;(XMO$EXI(e-1c7i(>l~4=e$u+WJT_<{@&~jQk zw~d(A^lj`TMjXQ{fvjK8NRb>Xcm5E(Ry&jF>-_?*Tj8oT=u;8=He3 z)+bJ#dcrB+s`+^?dOSu3hdFI-wZXvK%?C3R$m_9QF5vuUF|g1~{Mo&A<1M^zAprmv z#Ftf=C+8uurX5}ve!unM#udC7%dZpA|+1u zf&i$PNcLCtp`vbl6!&p}Ad97gkESg=B{Xk`3Z(*6M{TPo<6 z5%`A5dPt?wV@1{Sb_DfA+q_U!QK!@{&fLyt)-H3KAElZ~m0@fn1713d3D(R#pXL<7h#%n=M84_a%0nzOa^xYu}1ceQxY(!7$JY zQCJbW?l^6U<=fV9=Q>AQoe-jLwi%f?+niJ-TGj91J7vJ4t?hY97)%(0p-tu~YV#=F zj3o3(R_uR>dRy9aptn^&%B2j#Kf@T$DR{;#(|MV=pw%QnmH8B)wHX-Acj)ED0P|83 zu)e@v`Tqx&-lHo_U0DUD#{7apBH=B>K1kS6w0iu1X!_r*CZG^Ffx)WPDr|+-cJgkH zJzqG1?wt*uIu2b!IZ2tM%cwj8Jp4Qx%y(iLcZpkkYez}TxI~uvrns7a6Kku_tcq?B z#1ki@Ht?A|=}^hI0OYl}<^%Qx4l4gQg8u0B|47hxhDDGZ^B_X%ZL3(37#HS0kbA+T zFE8iMozZjap=M9CxP`5a*pt4r8lPNa{eRT`RZt{B!v<>Nu7f)aKDfKPySux)JA>Qc zHn_XHySvlC0FAr*@_qmQD{)S2#9o|>bJI~(nN@YsRn=XYPrfN3+DCX07qoJn;Mx9R z8cJ1Fw#_j#=`$x^UvhT#!Xav(hygh+j>DO=h$LmOq6=Zs!J|W8WaSU4n?tRqdYj6^ zm5G4PE0%VL^9o&?M@*`3n#EnKh7y@uHp>S)dXNPvrR6K*2$wPF*WAZr&J1Cf?SMcz zm6E_KVZ$=)4j039#<`O{fP?2@kR)s%2maKTW(}?JaH=ysfaYP87)M;%!)fL%1jx+3 
zV4A{Fud}K6uza6_emM$P^oQ|` zgtOT~v{v2dxqP#P`v6Z8p%zo{UVEe^jW5{sPZ^Cnb}ZfNmk$xi;bvZwZWRG>j8JCB z!=bD{_k`WCOjuDhhov{K30hvs=mt^1J0$L>e!kjGdWw+T?)E35%yn`$O&|m1I2}`|K;=g2?b=4>d&>a zN4UX1GIqMU?TvXt-oUGQ4YZ1%bWE5P|2-g5o8}}o_l-{z(5q}4Yb`)dTT;cto$$UT z3GPzwa}&c%a^H5bt6THUPmu@*9&n6^^bE0rXT?(!SM%*kDQ)uW!f#&D4-s}ZyFcrD zu`9D%bI7sX+RC2K{EcbDE3iKWj~(jvc_%bwIIS-r(@1(!zZC2IKOyvDu91%aKM6h5 zwnB7LLRTHzAgQqBa+2#HGvl>obg~F!zC^=%5?x^>k$vQ_cA7BdlPVmd=geYZp}7yb zm_Z6BNf|NuMb#Z}rpdSi{3E!E3hhzTwV&P3-|(ThpyupfFT|C$);xtF-`;dA#~UL~ zoxLH0V=l%_gIox#{qXv>-SvQLD-3}Kf_Zilf`jYYViI%q{Ej5GJmGp=O&r=M5KDHY z=qaKf~nEWgTo%(g$t*Ua9&CWmyrWJ8AJQsHp z!K;{yM`)z0ZO_78E0cCt*;MW36H){w2nN$i-s~La)OYa>N}@q_t~q)f@-5L#GCdy? zgdN0n(pKA8BPo&%%#$^o5Ji*o1UozvPl-YHF}pY8nDm22fssv2QaNJqHvMdM9I@2c zohxs>AN9bDr?}=fc@-$XQnVR}d$Nw|oCrBA_5Z*4{KN^<$01g~9%3X*WkW=1{!Ulc zUmjL;78zmc&O@AYkQHQV^K%J~%^U1O$iy|&mNO{eoQP__DvC`D2Xb!mg>BEkEwLz{ z_|lejyzT^Du^%K)DUGEzD4pkg2Lz`ECp<`m7&>|^EzClZ5o!qgL8KL#wO2OH&BpCH zD*Jc4klZNY+Pp(hT~4i(^W6+5R9x7ifwS0QhxXKu+`qp>SHD`vp8v6q3MVN`(TCg1 zqd|r>EYm9RY{WRk|IL^ovDwJww2HF!XD3*?FM<2ZZufr|GvAE$f3=wpL-}1_iEW6? 
zQiV-C`O5}Rqp6=9&~RHtjrE8CR51}Sr)E|<{7wN2dvQXhn0VO0EVS0J854K$yTlq4 z0cJ_4wEo;mXa-`KkA~nbKLo2s&*iXend%cg$fIyD27nFXj_US$+5IuWWg~B zO$=Jto;(CGgIC6!Sc{NN_A;9fQ^(E2in>UEe|SxVl~}Eo=g7LWN9ZaM=@X1g`j)L6$5WzBiaE>r z@_3XDNv|N`oc&Bp#+j0sD#i%Ra7pXzrJXq>`c&b={RI4}X!U|ky5;TcC0HFYZgYGm z82Jk9l&l0P?JAl`W&crmbMUV3k-)oKZI`@NEjlJ;O9fAWcqnri7$EpcM-E?~ zj!M6Qp&GY_+)0=I8=<^Z&;IYb%jyt2EZ_|)oL^}g$-%nQ7Ln(60b6C&auSRYH$FGO z({HR~V9<5TN;o>cQ9V710+k8YWE|@NJ5XkP|2O4^o?w-cZzlWrHC$*M9v1}ZR|m2~ z`Y|Xyj4C1^vCgwsHow)e@X#yakU0Bhcr%&?rjb@!a(YP#>e}OZAo$rb!Agu(#KN}F zU_m1iE?J2LmeI_Fs|l%wQo-W7*WUs|eo;9x-R+;IOI+%MB}phjV=-4M%tQW{n3ldc{exxKC% z4^|fZ<)>s=Sp=uwW2kO45Rcn7VA)VNt=#pMaW-+YPB9 zu99Y+!&sA#ztBlFC!3R?rebFQIvI#%y$U;x7yJh9{}u4x`u%?ww|eFNm$pCskBfhb z|EBW}-y|M6Ywy3PK8xwU#{OgWdmDdVz#2%@x1aa;Uisc}2Ag!6Z$F+A@V%<{KZO4O z`wVdwyt>mZkCD+e{M<)gN>agq^;K(N*#kk9DMo>#=7{ksVYw4#EYv7g9i<;*=_Ypqou8i7^b8vfQ5C{J8dX=RB$ z!d{i;TX(ZHC<8mf5o`UZU#b}|Y%7kn3g?^N2OV1wZ!MX=>ChQgv?F+v`&Uk<2KPh) zV_1GRs_1uog|*HRZ?`hfrZ@L)Qbg;;==y_)T&mo;&1ALqEbn)&2u`TCdtU4^8jx2_ z8I83g>NHE4C_R;uei_|Ckh8C0#4^-@X?n>@T+W$CjHF6Ult#u$J_zP_UmkZ03HaAF z=UAB*QmnJ6A}dGfhZU`d2)Bh_4>u6R$R-uQR|MTSJULfG* z{rL#z{o3I_*;jR6&+i8Z&(Eb-`T;I{z0YB}zR!_rFR`DizxV%+4KpMP%FFk>PVrPj zAJ^Ndzro2*I$2ckWbgYV7&*?+P`K?xiq&IHKBr6YeuV6nN3O2- ztCHGXMVF^$hV2XfMRcmfA6EvOQK6`E_H1tKQ8n z$7Q8&I!B3mIkprI64c_PD7Ig?J-kaAOr|Dv2+U@Yy7aLtxASec?lnCyGBO^!-$7w; zO{kqkKM38b^-3v55inq4d;wX3`Pr-o34xOk(!vjb-_#avnm_uB(LIb~v=GD!?Y9Z} zI0tw2BRUJ{I<9J!@PMmuvC>yN*6o{M3~pMc=fCaNHJF5N_#-mG-T$!rDe2-T?ODX0=b%8i*q2o7tO5 z}@5#7`nUo2oFA|&4>PtEa8V6FHs zj%$vP3!S=AP`kdmAH)V8fjPHpQv>L4wExN8E8;LLVT!C}O$^QZ4)Yk$AdLe+IZO^rTSO*F%m{t=<+b8W%k$lIx^ix{| znKpt=HY2%?*SC?Be}*}!E{p5bU9D5=|E~GlJR7`LIOyJYTG>R0tPq77M;QJcuV9hg zW3~Y$ zLm#P$)X?vHcFVoUBtan(09}W`~(s`_=%lLyaqSQ?=B_pSPmGA;L)+7k&@o( zD4Y+453l}1ZtWY9l7s>JsmOhF2RK?Kc9Q1F)dU-?Hx7vq;i5HEps2mBtu`= z>6<8GS{sBEd{l~x1$^`rs>7mjyAd$IfR_RITWW4~7hce<;FXl5v$0`2JqN3P=*i|j zGoh}fP>Wz}i2~^r`&v0X6ypLNkyysoOTB~b+u*I1M}#(=e4AcG?<0GHaBY7ENv;S@ 
z{{TbdlPFiX(aj|ZQX6?P`TF}EbUDMb+%oVup0cRN1g#w>AEWSbTV!g)vON;!x3@pa zLi$ST+h^GQM&=2X@SYgt?!R|Uos>*fS2-+4{k&UG8^UP*5ISKV!>%9%$bj;My5UJ?UXm%d6LZCHAdcIu(M{+Sm?uMSH zqng{WAsySy9J1o`Vm{dH{4ByUyu@Mz%eL?`$}cDqYgNC}Fh!f7tXH`jp*;7bO^$y) zP@W|~J~eLlw{~Jp3kCsejC2qri5n6T=%;xx|D{@OAuc5i8ReEAHT=QgNFJ-SJH-i_ zRaG|HS8x}g+*iQKXN++EV&dbcZHbhRV|)gch6R%6?O#~WU8<7_=oT7by>+A;)UuDS zr&S-^Wh@ld8GSpb@-DwbscM8{c^Wib{6pfp#fD3RYlg~&9?P|b+KPzHv z<*~^!murAR=T}~Zmk*bO&jFzHoHPg?`Z=dBmAWHg43P0x@d|_N)u7?&yIf|QuD#om zB(;;IBe2zfoNNO5l7Hm*h!H2iTtVayUxVAMh)X2k+6fZ1VM3!E z8)a1^HOYlTS(7Xp_!U8-oZ7|8q`HD&&#VRH4FjnrmaK_$LxQ{_Ao5dz!~2JhVgBbZ ziA$ znqnD~2V;9b8FF=_YUrgQs%x7>hR?bBA!Hm|^I|$0F1G4=!D=|3D>L`G?_#W>g-t*_ z#75^$1oHzsLa${JI$eH#KT|;|4fdf>%X|QIz5{bSQ2L+73|`z14WDm78wL_qk{U&+ zKeR+$(5vOtf|`c23VLSWPpp#2EhepUN*Ocan2eS2BUPKlDrr5-8{F8K@^YTWw%J8x z#WMI4dQ5~M$A+eB%BF6EbI&Lo*4*uef4sUHuGkeeBXB{szK?tc0}X4;_U5})Ml|9v zxJGLrQP55PO0*H@my*1O4c!na0tWc^Z?Ogb(-qj3p?(36E>JqDZya}PB|X3CS3X=l z8Rxca*pMH4eJ9)mBF1{)J4(?yw z;>G$)pD%=O5C2`3^FKb`gO7W~Pr_u|<3APuyURDC|4?!_{jZAO!TBzkecq4c_%5pX z{}lEATeW*1$Dv4B+Gp}(SXGY6>U%UBgSP7A;nygj*L~E^Us#V&p5;FU>&VFEJ(w7N$`D7K z^<3>BWuuCq>{aUQK_e1xlt_f1z=AYBKYi!Cy0k3fWh<;& zFH*zE3DSY^TSNXEJ5+kinVnQy+0O3}`BKy=0gJc47Q4y>Uvk)^KQe%o4xty`@;N zB*HYv^&;8fgtdgVaGCoMGCQD}$F^G_2?7Tr4l1ifU=b|IR`~LC64SmM}@b15?>+OdimGvdBCL-MZYfAw{WSV-@gX1g~Crm zK*Qa3=xVh6SAnD^u`=z%+uY@D;9QMk%P5!%>7E`v9eOZmzl6!tbr0^S5*2nM6%#HXGDsi~71siNi?#@O z=F6x>^mur*3>Bwin?4nrO4rQf15-A6R^)*JR5Jz z$zPr

d=lB){c7Zg|EbEsOR_UZR@J+H+4x_g(vnlLV)BQCH8W11ZOAd4W2ujx6I* z{>nFygC)>Dg_5G!p|Y4D$%h5sb>lgv64G31m3oL*gjg5h4P1iKKc!?22a7;qoBW-{yL;F|?a8>{=i+ z6GD!PWoE~C$Bmgx;r1gUW{Lld?HwffnS&E0_(CiVr~a!3f%=Qk9UBe|QMQq3ozIth z5Oc%ICLSy{xF3H$gXc33p$jB17uTbd!PMFySSC86kxy7#*VK;{me8fV*8#ZHy$IxZ zC>~J{s`h`cL;%P3`m=|$neWPFD>&2SqWeq0a+Ji9wS+=dtudXRb8sr+ub*eqAX&@S(c2jVSPY+FdLb`~h z31tbGc^50x`zLsrZ3xQyA~h0Rgcj@I<@}}5Af#!)l3ntwGqdSmw^ykMsbuo+yUh)`&O8qk ztUhnyp`m+n>H*x5I534mcI!qtDjQbr(sCSBCQmKx#vraopc{hdMv(%GqH^O!W1{%J z)nfit(=-tF#a}gOeEg>t+c!_v!6H z*JkjUGa-lra$R#V>n6mTmFl*vK*f}Rx7@AFez5i^Swx(XJe*C@>c>-j!0!B*9i2Q! zekjaVerdrcR6x>_G=8XY%#N2Hr>p&i`<$F z@CHZe=udKc*{V6eiNVKUu8!2$f#=gx5lc=Eqz|=PV+5KQY+EGY;O?+{@%zjld5UW+ z+^t75oKHNgM)fSHHj1U_G5G$>(tL@iF4e4G@q`4VO&0g zHLP@LQ@Yqb`*S9icM`E>W^umskgE-<)q)hVu2z@@SG@f}07bb z(m#PZWLTQlP>#kJ>PgLjL-;fXwaDa@b=-3U$Ey)}nUW(+e=9?KEV;>WNSa^?Z1>A0 z$prLLGcV;@x>B=VCzAQ;U<~Gq4B@pO5?RPk@Mk7)w8+*>cqt+}f5cN&wLFm%6z$hH z#H|mTh^1u&x@u!@s%YjzA~F_n$31!|&O^+L^Kj;s&DkSFQfYT>X*1}#I!!`TU20^s zYi!!+t~aZLs_;M`OQTY36s<`JNFcs`6OR)!mtyy4P9`&OmpY;qmkOL$DOY9F)8sb% zS)q9JDS%Gym>N_aTfF?@q7x(xc{K05q3_Gx^h}~p{&UpWpsU;;FtV&rW-gZkOa=zBcpE0d!pJrjo+6`p8V@)5~DSP6NCGPc(0lZ=}H4Z zu>tI-%ChrfhPzud`bro-Dw!m6Bg+N4QR;QDQv_SXLsB~tD^^E zHS6@~N2UKDGIH=sHd?9HzP~;*tC>9ewG|;^R*5f}uik|{p_5mG-mLe5TS(M7dgnnw zagehF3~=CgWHUtI@OjZ@evr4e{Ma4t&lh8eJ^Wk|RZ4Z;PD0&coej?~IwJ>uKVu6= z*VxL?bdoQ6atgtO^g=L{P@H;Bh|-pQ3%i{!6vEQFSP<~RaILQy47)*xik9|-lpBAF zFYHOxon@!Uz_`Iex=Vo8#0acqv!gP3(3d!&PfGg0~b_IR#{Dnc@^_VCnn5 zW;~EF+Kr{gS&alMDRs(-HG?Eeak8M1^0F3iVhqpC1T5yj-f3iRIQV-%%CQg-h zr$qy+He45!OnHC--})%|GfZ5Gy#$~r0pJ`QY?YzT1w$`Zg6x|_hq!CO*K=rIvzbXA1VbZG%gQ7f z1ARLwI>m8|56+fwpK2a5~`?rvTZrRT3hMC2%m1X+l?U9haXNxBv zD6!zFn*3#QI{llhQaROMZQ?yvbF2Z`sl_I|2m3ro)~3D|rrOL3(29%MxNR7W8xn^< zp_rNZ*SfPQmiUS%R$%OQCD*y9uDh zKuf^~3}wlz3M@)z*>ep`16n@ZkGHHMh$+xiJKzDjdCdmp<^i~!EM@S94RqjS1PF+g ze6*)9s+OL^vQLsIyYcwQz&iP& zl%eT)ba<;#=T6xeyDuivxQ{H3_I79ESxOj9L-8E0;~BI0i(NSkVaLMo@_4??Hgqv) z>&=vv41zd1#TKz}^nQ`$f~arx!c5l_X0aqmdGVBvU)ZERkUQBUzT+}}eUFKoz{2c- 
zy345I8wVm}!W$`cT_xwWO<0!)F%A+c_QNt+Tq%v6{MJzZo*hE`Pzl?|W}Ft`rSFL` zCDFljCnbeg6^;5e$ypLz-!F~|fnofvZ|Pm|k?X@z?C$4XVg&s^@Q=F4=fEp=#iPeE zB_U=hzj3?3y|hMrMN5E`U97o%Sl~1R)hw;%dFB>4zi8g5E-t+ZvMo51MVzQC%$POHDXjzF!pz)|&IwYR6!=h@LO=Fd|| z81kw6YF+=~MiQ;_UTry!C@PPe5ya-V+SW_#M}*Y~<_ukW8&i*SP|iKLpf06b+A@7P zm@GPr0~B%Y$%ETE?VxPWdZIhOVzm90tv5>zGv&75%|yJmFOMR4`smMd^Y zuPDBVSTiFv?DyRQACz89KA&&vjW{pTsglYnCDgM^p;RN`XyD2jRL%!*9ZkHj^zc|e z94|65GecTprLl-%$R~@<(_)ZF^jQ%(67y~t93?yG69~tN<+IwVdYj4J-TY|v*2?^i zshmv39V^z6%Dk6ivm=`lbniDLe-HU-pQO;f%nHRU)xhU{gtz~Ckky8N0eSOLW|kZ& z;osMoO|R+S$W4|dsu+PXz;iI%%d#JY+6;5672@{Iv$CZg1q~3s(w#!Lw#0S>6V`i< zA;*0LfE^*Z!arjrZv`;{9$hA(&L>DuxkgmguKI<`G_XazyHlzJRG*~)^|x`2Z)ora zoNTK8*7X$ff=4|4WS{*H?fze{A2QCFB{1vOs_$Yc`8Z0`Fm%sPl30`nsnM>&zj8lc z=1+~JH6Bc-aP>jIbn)1#YjjNsh6DY=j|Ad*2_!QIBKB`U8lA#OMCiMYqpnP7^QISn zf_(@Z-??Ib(9ocPk(XT3XJm1f=S$&T&+l3XOWs!CKy!f^`-@>!iD-$eRVh&-;10{9 zOfrJij7}g-!TlW@?E7hMkjh(Xs#hG z@9p$`Lm71vO6f>5^CdYBw^<&j9|m;+G5l%BWKB1P+2|r7)M;p;Kvc+mlUsbDrTx`t zVFhsDLzSsaR+1eoeZ(r@wx{x`2${`2JujEviSfTvwb1+lPJN>dXyD8OlTH!M!eW<$ z<&oVtBPbIE&rSVoXk;4zugw8`$Xj7jEv zLR_LF-q(rMINO`fclQV*l;v{rJ-dMKxkgM$)jj=Cx@Rd>$2?tRAn5Rpu7N>Y(9-;w zFj}Tmy=ZsrykJKBW3cw!e2ninOm`_gMAzl^`yiyy)JJPutPukFlcex4$?r`CkqC9GR@w~jWM#Cd_gf8 z7kQ9-Eb-wQOU^oeb~?rxr5jPC$S5 zvmbt1@9p53J&8$dKFs71mV5kSFlYFrGlx>5Fc2i++mv!iE#6Mc#+1i*8++#5Cst?y zDdQb#H-S{eALXJGA1A5Z(z%%Dsq+vyxd=y;Cc&)pmHZW(gBXd{-U{3wy40Q{#6`g& zJx!E!^0LwVn>{A$j*?Z#9gA8$zQz`hQ7;vfzK!pd+*DX{SajoQl@*iFCRMZ~_mj-w z2ZP_AoCklfy7h2~xJB;->u{;*QgLZQkr2vG>l;&r+|Ti`#Z(MpYki*$)<-ldA3ek$ zOn;A8X)d@Tkv7k#(0qmWIful${$4VX5+*?%VBVXB#6J+Ka#xCAtWC3aJs~G&>z1mDH3F~ z!_BWq>r5!-d}K$r%F;eeVBr$+weQ_4Su9~&I%51&S@d>tXPd+*ey>BKwSPL+3>K%~ zr3>I3a=b(;JRz4!zh-{a-)!-cYnJ)Bh@SEz4GM%Z0~+o$Rh3pxI4pW$I`0`>Z)G@D z<327?6eu>rDgtRq0&VL^avDi7b*32l2}B)fS*Zkhs-FoxXPbJfvguWi@n6E}qj8pZ zYj|Cbc`GddF1igdyp`+4B z`Dnh;O;Gf3KHcQQa~^l0s#Hk;=;ob> zDHNEmO)zEx#0Vr=aGzd0BkuSHQxlOJh>$yYRyoaiPq*hBnmD#!s^t=qi?4Y`=LD!#$ zXcD&gzY$|zwdPVqKa}SrmmqHqWP5yBpdbZS2d~@%#9e^Yy6y=c(qCy24Qy0Fv4= 
zng%E5s^IphI@%cSQvp6p8Os3K5~_e~cxp8G3O%4K9KG%UD{BQ&p|I&%m7Ww~FDp|?h>wGnl%o({SuE|% z3<4QPNy0V4JJTu~c6y?dQRGfL#8vkS`@aAc-WB7E_ z<8#{-{}lG0Z}XAU*yrvR(6!YX?sLb?>x0kKFpAn}_r3Yck<-|a1kVWatG0wsJxW7V zV?ev-4KW1pL31kef|9kAeQN49Ec%)`&$|B;kob8B%%ZR2yuy4Q!3ONog=m)hO!Sir z)MCQ-=ERCp&MyX2=#E;DbT=@xS=nl+tS%tYb7lmmh*n!>bZ7&gVyNU~JO(OK89Cr#!r4TSUJ;RMIUqJuGZSxtBfj@-*N!d(>t; zt&UPH=qdY#M?{bM<=-$7!uT@CK~e*WQ)H9o6}ndKoxzIO>H6>B6kZGA#TZ)bWi=e2 zm1+^$(PRq6cvO^G4s%D@R3-Am9TJ?VLhwtZ&7BU^2kX%7G;}H!&cp9K*VMyU#ww9! z5%lyk5HOa40%I62iw!~A2p_*w-7og7L9G>RUncUDh6Z6l1y;J=fkn#)*CNgb7&}K9 z zMOsnQ0qg!ZAbS}UuqvmUb%#}1{6K)?(DVIo8fR}OC@2Q!7UH{@sLk;_(&R`UeQBd( z)b>Jh=o=vL`zS;T2HoB+ZV&sd4xewMjjJ5=RE9)>xYlj0DEzh`kC?*WkAN{@&17dL zxJj_h)egF8Ex4vp_fRNSx=p7uRN;xfb*gpd1dUF%F&RrhNz7V5lu=VJqCFc~N=6Gc zg+sH-PK@BlFtJulR{qqQ6_;_;+9wtOnk>WQc`3!mFIRkB*!XU zT(gCSkNfvW7R&2&W2Heul%OK~W*RDX_5#1O3lY@AECy6_{DQ5(8 zXGtJiCFjmD>L8wWrL&wtQ)a&VpjfA_3*!_Vz7L(k8FIxE8@X|9BX3@3)1}Q=z$QoM z9OrnPboX`Ox{< z|9WDKUs=RB&&br2sKOvMPW;m|&xvwOZF2$%k_M|`YCJo$5>e?@<}v6%m6C=&RpfmB zrvqBeSU$n8K+ zovgrbgNQ@kny-R`9!4Q0I#3m|70qGicdP=q3Ff?aB*qE<+fE2~$Criv_e=cqnoaeutHz6J!m zXMOB_zcmYdUNoXC(cqX+M+DtEiqmKwpss>$hzvJok|fKj;ZTXOjkik9ikPZ^ z`KWd~O1~J;=TAFLWF}#A**U>!YcJkr76l&cdL_a;FP0?>Y{=W2AIKe<@O6V7kHia~ z67{=hl(?-m@I=7H=F>9VZ(LGwb#QUEaRKx8W0PWd5XtEe00< zVvZcm40m(2%?SC|-1wYEQXp4H*DS%?(KwF-wh&Nvv;@7X$v!;V3QbI6~&h%?nsV+q?*LQyHT z=e!9jpZ)O1kw{MkQpWre^4xjB@Muskqc&3iMqPC|=3PxNyl2+k3^R1DN>hoIb?{Yl zBcIW4BND!LUfRt{!ZFi~Ii1Uv31lqET0MTyKa6JJu4_S%4%wRr#`zx6s9VUXiTuM;uNGAoQQr*;em;>IQxTG<+8VT=8iMlO8FfXr1 z*r%MtXsWI!8^EmN(EmVq-U_q~g&$TCw>-1to9g3@$-+SC4!<*lGEI&f25iYNZtgTR zTXcdKu3y3l037;-78bt}nH1ert9E>tbV`(dy|bEUX)9s`d8(3TqT8swp ze;$9{1jNP1$9>*jysWNbIed=93w(;HzR-Q1?av#mW%Y`=JNv#{{B7INvZudSO;yS6 zm-!BA!PQ)a`obI+_;jA>SmU(=N$V@e!Rn*l%5Q#2 zsuzsk5f*=R^KY}kU6mepyUBi&R%m|pBCt5sPH1FKPLi?4=O}7yi%P7ez(l0PPe?_V zhX!VB@=-p}Ez&yr=+8~)neFz{LVBLfYp&09i8gLf@R1nQ3Ipe+3gt%N*1OgApFSd) zl8oagFuQ)R#3i*edn*=eF&4q$0$oGw1L4%>%mo(pnz6lT2KC?Oc&D`nH-CjzQIrdN 
zk!>0Ega#a3tk$*c&-uodB_5c*+FsNByT01^dq^a>W|?a=e~MYV;=TvWh!y)p0;JW8 ze^TqwIM1$C|FjX8SuVVN|HUaG#8=r|0^aG}GmNZUV-K6mR~2^QMe%2of4E=n{rHRT zEn@%UoT0Io;A`E!f4-GyR>1$`=5;?S9&7Y{b~NDA`9RdPcwKB9vupIT$IKvfr6>@1 zai`Tlt`Vpez1&kK$#TcwBJI<%4eDp4J28Z>+(gbT_WJ!==EzAM9Glq^E3xTY5HFKa zAM{I9lEBvfClZ9*@HU(CI|Sp8K)l z^C2Wcwla6BPUrpnz??Qk5kURj{}UE%FTWp!CBj*SUiI5qiKn;+8aecgaCRpnJ;6gc z>#O^vZ&~nH^!ns#Qn`n+$Qd*P5)z%aRn_bSZc5B8;#!6!mfIpP9-N)^bG5YSj%r6y zCLMHxgR?q)1}b@ynx%R#nfP1X{D{JLVtj)@tP(V~@Yol(_#uIAy`6sOUvcl;#ewYi zFQx+=r1`I;;9KSCvGQh4pPo(s!SJ5e?;arB<@3_0o%t!u?4n@Cr54_tiDAsv?1Z-z z)v1wu9hSX*IvpZeZjK=bc79GY=-8r__W$$))&Ki{_5<h3XX&d`(2XCveCu+z7ka%ToB$!9Fb+)^}-+q1c7kz)w!aw`9aOjD?hNo&dZ z)K`vP2Y$1)|35AEYAFZ^=t=p2=*$`%EL`v@u{!tj<|@fw`OAD4-C$I-o8uQ^i`|x| z265e%aI^ZX58plP$>(B=_4}LAB|h`_N@9!o*J*!F&@;dPCy+!=x%^t7Mkg*fY`BfU zHPVM;whBF03Bb|64(M$yHFEDsI9w%{TZ5!&M<{x(8|n60xLPCY(zzO zC7FCmDUorfV^LR5gcwj~&mrcdr;7~t=vM`3hU9DDiCU>M$__gf)P)+}{3g9khzv^j z(_@Zh_?tK^N4~*_kji`V#G{(@8u?D)3wx~6$ zwMBF1gL8WAr!5pT8O2fP%sJ-gNKUG^FZjCMs`od-q~wzGVAqPWHuR|zw;Qgc zEt_W7x?`>;C?@1tVXqy@DbOmlc%wd1iHxkI6~A;tWx}aJ*neQrffK)(_h{$H4Z#7a zz7L#8lfmMHV&sE9lG1P5TMeWIuh>8PhH62cz7E{%(mhS}yfrF}AsGUjoJQvS=O$SJ z7zbRrj$X*S5ajyP;m+N~i^C{)vH166i{rGydcR2v1cX*rZjBoDi9hZK>I ze80`=`sNKB(puP*=fA|J4r9?-8@8Ul?CN8Jv_9j#-Pc3f9p%nI3m@~UrEo!*a}kmh z4M2<26c%uz`QNVk9ybsT0Mwo%uv|*-0i5L*d9Z$2kr* zVPv-ThLIG?DC$+3Gt!xE(8U#|VrAY|FHb|(cwBT{a8;7?D9N`AS`XGA>4_mv|CFWu zW-zD@q31q#SvyN@+;;!i%wl3^u896=&tk$KkbCQU?GBgx|3cvBbP6v?#ZVO zzs7N@{ejshnr0KqSpU0jPfLs%t)y$^^a@?2glLZQ6kYW@I^iI@26j5x)#b?ePw&i> zHFN|GmMQ&%bu?X;-IjSWok&5gLTf3XNl=rUSX2@@t=Uf}5LQ*>QkZjLuuZ%#(I%w0 z5gu3%;(w0Wk?7G%tc1Zps=)Q-Y#bEEF!V)bZ)Bfh&BzrC80$@ALCkDK9ERE03Att- zDSmniShQWq!9YMN$28JeXXEMt4j1!2cQ|Q79=|L20|h4%8h7L;21PJL?f(=WfmpMhoU+P0bOkS7mDdb{$IHn{{Jp zCWm#j-skCN>QGh%#srviEo6{J>OR-10m_cq9>QnvkaG^>{U{o99(kN$?9g7uZ^-n8 zJ<3Map4CeZHpHnDzvca@q+V_j`97KsrvS7fc{>{J!IGuJG$d4N+H ztyGsp73@iIJe2NjLGpSOJp_o@%=qBCyN5?n_+4)B7ivJF@4%$(l0u!a<@8B 
z`8jGBbtJ2wN!L*GN!?@t7)80n8SE02b9N!^C@!w_O4c_=SM3(3s2}=`Bu#ir4>NuJ9=T0_x&wPidn`@6Ok#M1;ss|wuC0dQ*UI?;K z+(#kyddAN%bOwFG(VP=a)lS1lP@@j9mVv?fj!bhggIbS!*sRU!k&nZF-EzFweq?*m zDL7m#%jp@UL*W6`QItUtVepw!>Q-*m86>iT;|tUH(-daXX!LX{nYANLG3a0+o0>+~ zr*fOC^oYLynkm=Cpf?q9g-8;WR=gHG`C9Jc#fY83enKxWP>ZggU$smQ=Q;_o}9efv-83xMt*wCk@6Tgbwm zygv6yOoUzY?8g5G(yn%q0iMX@8;ZhaAMSAy2;qy2SI8C&n!4ivSP_Ck@up}L-(1y z`%GT%a_lpC;n`>MdY^qJFWG1Ejve1VlXsuV`)HZGT~RAi!aC@RP`y}yHc2fgU11`` z4cNN+2XZs9e=cOY`6o{nk8NMdIcqg784*>MO*UoI4zMc(iwn%5?A?{?jkK{2bWJXUT(%^@^<7wYTgLmmYS^mt6f~Ed> zBO;|~-YQcuThlz7Eq}i0>G_s9>R)G4K!TJ}ejuTywx7%y)U~{8d~%}Sj+@iJ%aYt- zdD&X??Be*evgTYFm69bg&zVSjwN9&-;F)OX;uYj#+B%&#gbSq^?ekmjrTM)yznA9Q z&t97MK6`1N?4|j!2zB%0}c(xfMg~B|R=4#b6?S)a;EOKVW zx0@Nc;yKSK2&j~3x60(uyI3#H%*jcrFF`;&JcM2k4{KQvB`aK!lrNd;JEjR0p!n2Y0jfwr%R2Q5U;pm% zZBL$P$o>tL&W3jK&Hw-6&E?ton|IfzZ#$47SSL+OqkLJ&16Ps1XAV+mxm)!$TWhVa z&yDJ9t-vUiP^jjW%6s8Dtux$92EXY$6I4?es?jDW2RHz;Ra8LXGOlZ8mQzvDEL#&$ zI%ecdm{F*His%^tevWayVx`l?pp7|&TvYCo)U~O4x`wK$wO_Oz>x^7W@>9jiHCbkI z4kI-u@OnjsR7CNVCA9SDwziRZotxb%LATNjs!=i=HC(ua30=~x6_kBt=GDIlMst&* zjyrZmTkRRX`SC}ZriKFl_~VUJ>vN{*6vW`3lf8RsJ*8zymxDelY*mLZ;PqRRmArR7 zG#D zq+G6SxRmQMkvSuk5G-Lz(Q-W_ueS&9V_8||oWh`?L-cKT;9R(Le*l&V=ezs;*dSoO z<}oRyhi`1#@8P>wsQ2S_Yw8Pjuyg{!X01>&c$o_<;|!q=H6R95x4UL}kpZyUc|VpC zZcA*%AbSu`@C)kXcMkKQe+7rN)tsfg$|C~+4zYDx*}Df-bzLx2Zt$95vw(2zg8ON5 zi^nhJB`CUUl#E(ctPc)c5n@I~Nd0imVw>Y|cvwU0*zvRyT12O?X`s_1+r_b=isvkc z5ss|#w6SLcTSnqk6vcmLP}$1Ab;06hvE|Jo3!H5plzMnw*4|*#L1vUYFo6wlN|wzS zFgmKe$u;Z@B%bk~8CD>~U@R3fH-IrE0r}7Ln!~o%hvd3dG7rg>6t+#EPkS@!!QH#; zm3B=ulxQ9P9MBuLPNB9h=0<)F;q=xyOwz#h!vBAFV5rj08nc-FpijX5eC z7%9gpM35`7bxrzjNu^jhT~<6Db3Z=0a(X)!)EiLpYjB(>2Im?-oWnT?P->2uQ478h#1^NfOw@^FM%S-Cv9MYbIF9la1+kI_(zX-H|TW z%RH^Q>JkSr-TKq6Y_>-th|M$np%sO0_7k-qFq~15PHAR@?2GSTg-xvB&H>G~L6@>A zqY^gPm8CZnw(lr~uRY7>46BH@fYbmes;=Ps{i_M#Gd6Sof~J99!CH_p4YOV{P@3Qn z)yX$7{B}TDT(38OG*bqY!s#Ea9E!k)HU|A>gnIVB1em+9^8azDM=>9@)*il zp9*vtnmdVW>Xr71OFV#4xC)zQD4TeEIG@ji)StQIJTOrAqR~C?Bu{NoJ}O8h(4&*q 
zIB9E=bEWBRAUu*7+E>=`$*`OX<87hZAxlXG1xUaRT7Ti<`&Z$!Zyk}CAp*cI&ZyT} zX3MNw0o|W2NboMz8e;8S>4taZzO$7+%{>Amv=?vPuGsf`B_{Udmf0NRm}bw~DB0~a?qfI$Y;lzAfGY7XiW~J#uv(n7OEcu*y^Xdp@J)kA(uL3I8 z8cB76HY1yQBX|}_T#oT3k~*e2?AO?Ux2`SEE?N~Gqe5ckS}WBJP)mZloXCQA0Ba3R zFgpwL2csF}oMH`K+@r9k2rb(#D!=R2|2u|zSO-xFYH}{q;ijA7Z|l{@<$`d!3iL;8FxV?0IrP!O z;Iy=GMelZ(F^hUBoh11?9MBX#H+>#L=Eo<(wTVxpgR|W@Eue${pwf!Q7doFJPUv2ds(P#br_9%gscDkO`sUUH4@4(c$sFD_1Jy$K8b=*nX7*XTQYOi9ejmL)H ze&QJc0V^F3fZ1+7-59frGej`4#zzG7aGcwP{YCXlEcS9OV&n3*ztF`9j_kF2bH3%S z^8K7OAR{F+-@(xjNfz$;3W&+tN@9A&%XC^$fFM{GOikJ&kL=Q!VB>}`iu(`%Oxj_G zVZoef*?J%9a8B5<=*hW#eTvx)!B;fTHju?e!rUh}yP@!>=9$7SM>GrIS8NV)P|(L` zOqk2&)1iO6%RGj7x|@z$Y6TP{s7GvzHOxs;$fC*|R&rfaK(An+6U=h2L;vELJ49H6 zjBI1|tOgHMq#0>2hub~%=NrOBjs#S{DBZllmF7_{B0hng)Y3!SB+zopI>Chxf!5Wl zTxaF0DoGftO>K_4bP0Ck@w0(=Oc5nrxJH&WW-Gg;5@f)1E$Hy6BwgWg8|&XjSYlFt zB@&GC<55S#&T~s(2it*#<>w1bfR0iniPiM$gE2w)s-7HwaE{Fk1B>W$PLtbv2(n3J zUQlh57$zu7wFMt>c&MXN$lb%mrsUU}E;(wg&6Y$Mqf0nR)MfH_rcY?4Wll9uz+T1| zM2Z+W1@|pSOT4*$&Pj-300=2ACKzr`B=6dm9($Ij`Dc`{iW|~D`<4_G5x|VkHF`xM zN2X+q@Z6|NRA`d&g=K%LcDjxl?A8Vw&GUy9fOa;=0F96k^%5gm-^&K_2&-Mlg{3EI zvLSRw_iBi>+2R(RotPVY&$7(?|6$Zt&HCnzVUY^LkE|gtB1RmaqqLMoVNLP*@#efC zyrjItQb8`mBXYyQcZU$G7M}!JVOukbaI4`xQ)uU}kbluj+trx>8+%s}?niZ?ocUzigOwTYxx!72b&X`}7QmGn& z;ct1i|KL5yiYfG}(af-E6)HSlTCcEPmZ3VQ097{(LQi8U?mKH>T-rdvn zOdyyP7fWXazjR;yx}-t0ruJj?L2$p?xIBC7?IiT*5hKVWlmn!#w-1%|ZJWO*2`hA@ zVV$&(&x~9#R57~KC8iE=0`PFJ7-O2gJniM6op?*-gyC~Tmm%Wv0Hy<1ATG=ETM7f?bvf|5?>n@=MO}NI; zkg`A9e)Dk!c{SCQYQ#s7J-`Y7h)&vi#~)itgpo$I+>8eV)eUjJTO6p(eWFw)(k&7I zPzJ68{KTX=00RL_?PqQyh+0UQE_TPJLL0(~+ZNd+ma*>(7JZE-vr9Yf)68Wi#gg<+ z{ODGUQJp6k2;pfz(Jp$jRg8$5akL}YUnbzpU?c-r_q0O*wqj*BQTR^3-RJTs}b46Tf zOogAGUdPG7WE4NgCz4&a#}jQU9}|s&PshDuC?fcHZrM8W=#H4p_NQ>LIV~dI$MlT2 zL5)ex-+DKk^V5A|Gl2Tv8g_Y|1el6NoD08kI#vJWbRMIXp4uZt-PRAN!7Ii{IgG|x3&w#P>o&&^j^r0p^cQvQX z;!d3qZ~dnYHHhr-lcyOY8Y?f-;O5ggo;A!C!lnTZ7lJ7mJ>9DDQA)owXUB+eB^)Ii ze=sb=jgz_K5aNPUjzElyJU{)oa=i$0kv#?gZ#JLZHLd|1x@f6;1FtTGOBdhg0DfHr 
zPTl6Si&8g$W4HOlz7Djd*hiq757>=;WMJ;9qWb5 zwR&kB_pUbSW4p`}^O=~0#t~N<`#zWH*cEJEtSgmv5UcJ&=pyZhdsnV5_xTmim|80h zakw#E<_Lp`AF7u^}Ox^3gEiZf#LN6DiQ539el;1>He z77Xw7;>@ANI@$s}5r4;0qLLNMDbnd6MW~fTgctx6!8+09ij}5I7e$gtamPvx0TWBX ze-1k4aRfEI1sD-D*tj9n7+5rBw&ry0ux2U|)wffZdN{|DYZqpg$ULtE*Xt8VYv%LH zsGcV&yJOjj;>#&5lNHx2(N)P#Xu+p2K>)5p zmv64FgPUr-yNIuek#mhXpxIcn^js`3>@`@=(;*BokwT3{%Z9j-5mhw@ca!t45G`lq zRjA@SL2wTXDKj%l?kk$J>=jl0KnIVxtq|2aHQVyAjUC2D>1^&Bi&J&(%0$*eYh5_9 zWEs0dte(KaQBn8hqAdI@E6(`V0%r*`=Uw!uXl}Vd<63|*Xkn==fKO#4A){A>>WaI^ zC^$xBtdWb_w}aN8L5gX^yBre2(3GUaB8pf(4@+Hj7R^{l#MY4r%hQn>O%|c8|AMFM9JO#uW^dVA zwJh7U>@ke2;DAJAxuk||K`#l_Y$;3g&m)z{!tNzV8prjP4D@_X*ET50i72XtW)9rC zf$LEA3s7=uxa*N;0r&1vj=^xWR(GG804>8W1pldGOB)>5Im=uu7JBB7aH z$!fX6gxT1D+nm}oEJ7VW1pH}Wg_uf%Sz(QMMGHffOFkT04a#;$@}1S04n@gxTJmfS zLX}9Z3mIoN7>3AGmKRck@&re=Q$DL*mFkrf!G~^wW9DN|7l-QY3(iXQJJ`{fgEnyC zBTi!&j%%aFgwb-^lD30(N>;R_iDo5NnkNGxezj_2PY0??0EBBcc_quoG=?<4!rx%n zZvfdgPEv@)$$AQmtWOaiE6OD>(qJ%T29L$VdI~J8UjYYeECyB^q+m!qiow6?W*!do zIEa1Khio;_XBhV?3e{@h3!Nm@NJOi_L2n~94WL;K^tgqj^+-roV^ORCqblMUJQ{-4 z2pGfY4B)59{(bz+->1m>9h31pBA0iBF+47ZcVzzVnB3J7V~tC&7@3XxBx8+pfk$Kq zMg-?aJMwmQ;*G$7dJ6ofC&7Lii~AJa@snUaJpta+Q(!%f$9d|YI1Th3jq$XN;4~z2 z4B$KUp*IaJMF`u;i`+DL6N0!-9@M6o$q!*VZ6G!cDH+3fPFrYAL*m2$mXk+98j`mH zI8GjvrXjlG!ElO0Xd38z8^0+IooR@=v;cg@ATteZ8TR-Ts7z0R$n*qgOe2w)T5|uO z9y*M|^q@`iBQR~_D@764A@rp&Fc0y_OLb!WC>`nXP?vT_T-xhddp&EfXT^>+636Ii zFpNgv7mbD>kH;>Gk8qB{E$Si?Mf5s=S=56@6wzr2uc#M^D56gfR?(B9>-|I96(W&_ zo(N^=i4cZHq6@{+i)dt_1~({1&x}JA>S6{(No~I}qENgP6pJMEBq&0o5QNA)CaokI zJ*a~V6wz@Ua!?l&D5Bd3p$0|gGCc)a(1VbI#wL`GK?sUP2Z}_;#wP+9$f5m2_c@FT z)J6J>TS71b!5ogFZCh8=9<@pa-Q)$zDGV=;B=Wr!EZ0(d&H3DUc183PD8E##Xh zfpiERXAAWvs@I1hZdIJBE+q??g&P-F<@rUma1e=Pk7H=Eyz?$d*A(~npa-D@ARO)pwabdL{0 zwHb+MvjdvVIAoV`rhqsEn^EXBPh>V2g;=wz;xcM?#-h|%{F#VhL?YB|W6#7)aS)wm z6L%)gITu2v>BXFh=(Zn~=0W1rV@uP!ho_Fiml=&M(?O1j^Y8r1xH6HKFBVT`2P~Ok z<~9mP#-YRv^!XqRnNf>2@|eZp#zZ*9AB-9EXeo=}LyS&Z#405luHK|7A?Uzdj50?J 
zf6zB67le}LVz~2WkIyBe>D17;f4=lZn&^sVwp+|kjCY+k$B02z+luyMn*4)iF;aAV zHYgTPfDRC4${lCM9c9A(WX-n^GTnAA$M!Zla%<0KtP9en^`CC{r%RgLTJq)ME9%b< z9a^KmUwr?{`b8nnB%|fh1#Gl#vFkgA;nlg^%!RmExzYT@Rg>Z!Q&!q7)K8VvbYg8a zFhmSU!DN`Nbs0SSDNMZMa8@lp@nU?RF0z#ANnhVIlY+S~fSDAgG-Ow$SyG{C21m8M zwym%lSl8iULU<2UBJ4e%Ad=fQHV0=gJPGqr`gR;bwu@3OjTQn6Z_|44WDWG|xT%{X z>O?dnvTR2w=~W9kU~oyXuUSk0OC6pv&}lHV%LT8*NJ4{Zi5vc&A^ZjzLhG(}Bu`6a zV`B`h9$1N#mDw8XjBxNC=YUCpXJ?EU*u3O8oD-&BxxbiEH=6NCXX6a#gU84lV&T92$7&U`IF**XL*hU)@I+v9O z6$n(-;%*25cZ`Q6qe@?ta?Y-KT&!4Us-3s%+yV3RJ%CZnV~YtxmW5rR7)u+fa4$(p zHJh3bKDLq2%27-`UUW@HQ_8X2L(*5m~HAh^#ziS^5w zQgk_f(d>I}rB+o=#k6EJg}^-f*Qj;lA_cfGvD~;xW?x!s8M9m?%k@$fLNxWv9A85t zG~#_t(9Tjr;YCfGn)aohkentfE-W8WnhIP(>$(C*=#t+>x|&b~g8>58mOGP&YHK-T zYb$U-=9HyY44=g?*qt@2YaEGXl{T#&ch)3V@A^X&h-9qEB=P1m6uGdB6^)cu0 z4*b1$&Pp2YdKTIDh$V=1icRCP3{YT=GWJA!8itHL#fqvi##?Cbvt8mJeLL|e7U$Ak z#lZu;LA{#S5FAuF&V>05{AbpvjYAjkvfW#wdXxFu#hpQoYcNRETIsNAoXEV$7)Hl+ z`nQ51_@^C(oUd)OA&s+v&XOfDx=~)WPpIkEjl~DQnGuH`ZZ-!p_rYRe zzK+Mh^jnk+>?VE3zfz1G9>RzY4*_(9(R7BjH0(I((gDmhX~k5Lf|j~JHC)&4es}q{ zCsRAHd3r^K?764i#G`9ywE=Z$Q}5j`F`lJ_Y%ppD-n+8k4{2=@U=);)w@>U>n7HGm z6gd;RNhDG%@nCaep+;76i1N%Jwlt?}lB}p$GNSlW@C8q((AgR+rACBH?H=`aDWv8J zb6^4`%NU?*x00ILU#y|n`@Y!IyBmW8Rq0}?Y<_h+9Vx7xHKv`@a_J$!-H5@?3vO2x z(;)da-4R+YA)VDnc3d)kb68w9m^s_^+h7bVs8VpMr#uio+Si+fSAzAX<}z`mAixTY z9&6~Gi@QLDHCZA%K!`$A_(75t?ql}01G;)*874$;;S@amnv0O}M3W;nTh7`q*fASo zo*7kS?RZf;Xu{Jg*NSBez+wV!1pq|gi>1O%wD}N<*@+Yh&v*#U7AzVI$}<dI(kJEy4I15}<%ZQzFT~U69=R+Kx))=L7|K%H&P=o8aLYC!uww@*DQUrGDObQR z*VB?^lBQFry>LgfU}2=3i?>WH_39;g9%vTDNP+Q0PpMvJTN(l;^Z7Fc2*h>RoVlMt z7H^huim)v8UB#n3ojMd!trbFU+FzG8&+VIKObE?=`?lm!N zNEb*L%sZCT@|^*=7AMlmPPUwg!s2Ip;^Q{&K6*ip0p{e;wejL z3Ad0z$Q8QLq$~`F@{uKTB^Cf#W6A#V^5Rupvm{ue<2qBXKr)Hh-mfn&UfI{)Ug2xCTw~+Zuisu78b))bSvkZ4 zVJ)m^(-3SIoW)Kr&Sn6+@shkk#mrkW2ks*nqffu$8Jmz-tkn3EA>7}xwfRRI_pRn@ zK4NuFi@LbX;o)>@)@+J{o$5?YKRY}muil;+Dxf^DKf_cxi7oD7<^$4_W){lZ2tnWl z1%7wON-Wo4*E8grXu1kSTgDl;are*Z08UYND()R8t$^u}YU(N{+2b)}KcMB34OKaa 
zH_=C>KXm4CZPPNev{??13M{k(SkGabX*=+j(E&e(rQdOOe`0}YrbZB-TI8@3fKoU? z82tzv)b;z^pmfh( zpxjgTp-%S#f%Z zv7{>5)h#c+2m52>yk2t!F>*MFj;IN=Xh4#TIXSmz@!fr)F}?efSm#@|z8c_W1DvdH zUc*B1;Mn8%+#rv8BL21mZ;Pb1JJp!|Wcb-wUKYWrBG)aBLyhN7F#su%oGFeg4RfS0 zH;Up!yKo_N{)F?`JL~(Mt<8!4Ba8)?N&`^B3C?rxxT*m)jhO4(&c{U zyzEU3oEdCUvV^68KmZVQwHMzfnQFSU_24Ngg1=`eq~E;RZUr*|=jjofr(m13Z03c2|dJhC(#_$32tFuP{|+co*Kfwy<;? zyMWQF&8dJe!v3SdM3wh{Zb}aN;mxOJpo_epW>3lAl_!vF=oHH3TXx4{j^JC{^w*es z%H~x+eV>9H-0g+BjfOw+I<{2R3$>ePG_3V8KGF$n<$?I(xDD;$L%z3^>qf zCAbYB&DDgc3CSm9H6iJQ+)s!{1Rhv$mO9@b+%RUPJ$^_Pfs z8rEBO)LFv2J*2M;>ndSA#jm3b>L+7$lOFQnH_r@_5D4Y#mK`prUfI*>+ruuc>E>uG zc;?F6Lr5LXq*y|23Ufex9ASH86Yp?0CAgi4Fa*ULZYHZ3LFuy9+$H)tM1SB-8~pH| zXFep6d&*JVYRT`0era0j8F{lL&!6=d_iVvYJp1TSB#ze&qQvoi>*uuf^Q!f8-uhX! zf3J@JeB2K_F}RdLNT}YDG^)nNYZp`OLM?`^YTX3~NCqLbjeTY5#3-4r{J;rT+HkoB zUWLE^f<}a%4%Ai}UsEZPTH+9(jdmg$Vy1NRXK|F zPR4ld##A$^$2{m78m?lrRh?+C&w=ViJynSYyNs?{6rB=0?B^P+?-ONOj7h29r3%r& z=*Cwa8mcxl7NKbnohcrfDH@gOlSE|N8I5Ul)u2|jl;GL_6siS9T%O_TK>IWK>z>J| zDnDaSt=c^yA!wkg&rr>t5cLmK^Z6BP^*jvmfDpCv)&(4mVc~a5jbC_&W8vxZ zDObIu2^Y&~WA1gkeJAe||6sHcXQ?&1k$;t_=psW{)oK%y!a_V$MIv)Vl>)2>uSbng zGA|hg$m@H$x9i4CVQ<&n+jU#dSi5eAhD2I)yL7~B$F0dqM*#6GTG)Ww{p6(kPcv$t z2=Ew2Tgy)(7RK?LuH3p65@AEqcN>hY^HB+(2Gbo;tNA975p{61E$o|id*7YI@CaGy zqSE9_Q*Cbf71MYvEVg0i!!-l+8K*583oQyJQjBLp64L3$267^l)6|L&KI3TEv=fi* z(i%Z)Unv14#GGzGda`9d5TM?#SPom9Vr+Zx=?kh?(UwREkG1Ie7DCpFT-1T~G*u^p zwy+vw6GvghaAc1{)&Z;J@MRDyI7-FENtUvpOE{>}bKQKAq)f9i2ebc5-s9iFxgMNo zVS8{0vM#U={QS-G*}6}7TJHynKG9NEBDG|$M#(?l81TCmLVi#X!>2Z2&zYv?jy#_| zfA-+zAB8mphV%`)u@g(&-FWbbN=DQ7A`6BhcLPW8fWnK2_rqQE7yRnJ7r<-E+;`Q$08!N7(XE zky1*1{NU}i(|+@z2$uEiOdTK|4ZkRc)*v|Njr9qv!Ix}B@0d|t!G7R15ZHbtxx!h2 zd7*{(2LOU#HE4N-{^jWV)5{;Yc;DDK=9&690y78M` z0b1wg1EEQku4p!}2JAzURf^v|^!^VcXw_WN+v2G(wnBiOGIIq$2Cyg37Hv}@h|)4W zRP7$Nm(VN5Y-zcLOwrkPUH1oyyw)^Xp~PjsWTYG6(LN{#>^*7;y%lhE$%~AUKi0Jz zCm3h_r`G9&_P*_{>nZ-x{q(24<1!>0;a8)ix;Hiu9HGzMJYae@MqEoA^NhU7i$KL6 zMBhffN3*QciL$J|wXxPYGE}|R+^=`?%4|)Qu?e{VI??JT89`tMdMbi$JJD 
z;T=%AY`*I4)Yb76DGUyVwd*1eRjcksOGQ?v9;!=dT?Ku0s9Qy)-~3e3tjpT*SKfZ@ z%blXE=CymCr3o$3jbiZ`m9$|YhWdDWOsJ?yPjeEKttd!K&66slB{BDODNCeSKWZ_-ynUxDicj`+W<1fthEoi-k#j2gH@~;6nfYi{K#&`DufYrCrMb zcqBSx6P*+rN5QhvAkFM4h>kb0RcyQ^unv(-cd*Fc&H1CGWJ|bXczbrdVG*F`ee#o* zh0Nq~eN`B(?3ENsmp}n_7MQRJ^T!@{7N9&sY}r0n@*eyK_|2fSQ^-^inoBDg zAtJLI^)7NxM&~TM0*^%`mwDTMqprqhbXYE$(Zfh*Y}$u(nl7-{Uk|nAwvm8w)jASz$c3|#i;Y<}Y|YHuRz!(8toZcs^)o?a zX;-LW?rN}pj(eO)DWsT!91xHmNYs&Sul)9q>JQqF4H~TR!FQn!ZjsT1K~5aN{hL)Z zvOZ5p&dMeD6ccY+U-Lv2AS64LmWo*X$HKUo4i!ph4{Hz#Cua1(#6ThlM>&qJr5d@; z+Z+`KgFGmwg}GV(QyZ85mlTwj1GnpxC@z*6>%3=;!|hL)-aESNkdc%M!Z0+?jB1nr z8+_b_?E)19Vf$uRF=V2n6|`cSLX!8gloebzW@x=r0b-ZJ z+pR-LXwPy+V6Q-gN~Ji|_)T|7T~lwL%|g{9vG$J{IVGaXpg1;G1Ob5@%^2opgef7R zOLM<;cL9AjWq|2KkicOQ?aR6dUZM|Ix9mRZ_8gvL+YG={D@r#3eEBUc7S|mhmr+i@@ zXk^axJ+mc^QHAsyKo(skw+<~qJhNK0bQE}*$vMqj1iGJUUT?LnM{fVw=(e2!_~$N= z4#ma0W7L!he2zQ}Rv2g!=t?wa-Mi)O(OOfeA}>x}oIHPNWMj1IQ)Mw+wpaW4 zjC}O=XlC-9e1!kMu>b#@d?X(UxgZy${eSa6@{vr<@3>b{flwbUZdl$lUHIc&h@cam-a7^yO=9kl3v@4!M33W5rqtB<${f=ZQ zy4~DyX=u2c>CyA!S!e2IiZ3Q{WZ4Cq*RzIEQ?Z6m`sslq1*c+tPuGJ4!LigOzhh*@ zmn$ejQ^O{KM-%Qbce#T2F+T<4dPdIl;h_SPD9ZCF$JIU(Yiczc4rlwBHJJOEzs-j7 z#ksbu(x1QB*(#maH#myqA2c_<`0Y6>$9;A?5B!mMq?*SaFdi7I<4pK-8`47|fvbHl?2-qL zso^!>H|X_#XpourFzpwU)+&TX zYTN&76pwFsd6?n7v`jgYN#p;6@>p|Bdr#-T9yPN)2A{Pf5`HzICLVwg*!V1GwSc0y zu7H3{h+y}?6$3yd#J6Y(73Ms&nd!vH4Nwr&WoNCV8yL$@=iG0K!g!!x^qjl1^lfBJ<#p5E8HsEvD(n{8 zHfJygRA0TbH3BT5*34~XFs^FXIZv^=Q`VMJjRee7=FdfU4AfFV5KihK74k#V17S2- zVel`0;7|UGW485RUM06oJO4%r<&p}h6Q5C$n2WL*|KTm1PVnQ{Ba8}DGYNH;GWcXG zijV{7XTm~?9c@kYG*fb7$c^iG+ZYF*z@PnE4Ja#?DKh2?n74c~cHcJ`KNbG{*(9tp zEQo!!*gRSX-OOJH4}RcR7-3b-$-|rItd17oqP03Aoj^)`^TCkDa8SS59gz_y4<`84 zpKbP2>#G4_v@@DB-DkPk^*(Rer{aw1+iF{vb3qgowfEEyQDx{pUjWjGWJ(+!*48V$ zj+?PE$OD9k@n7-|)8-4HZ!YhQ z-LY~_3aJ#34j}PVDZYdxodM4o)u=(j?3}W7V709Su;R!Ld45cLK+A|9wp$G;{^awM z=O@p%6nt-|ZN>ir{%frA?*C_t9y>|E=WgfJxhau``=C$Z1=!I)KW^;$}a}8+Iw2<8qKWI`9R?E z>ox{yB>>2^WSOL?!x8GH=YwOC=S;D(KeZ;Mn$D?WB 
zmu8n??nczuxo@LTh$T}RlzOXmL-$k>(9@`DR$0@$@CzN5$k}fH^q;uqvvc|ZK+|$L;_eHjyV3XtNvm#-Pp<3%ao*;6@8n!!PlU0NdyQY6SG; zXrPTQm_|U*4}xqAn?wWP8jl97F*u4LK#eB>(|9nD#xRJ+0D#65foD86aK_;FMF3{( z2$m5v*X{_E5mKOb1jz_O`0N6Zfg9vMy1Rg5374l;~qS z?AL^&rJhZJr!C&}_3H#4_w~AR!7nGgbhE9@E~V}+fl&s*Iv}yK-`HlRm?TWuS_@RH z+bF8S8QOM{Yv{dtlToF4@?|EITQm1a%V*!4otX-9`ok4@&DCv<%N#cCZUB@}a$C(= z#=yz|;z3T66}S&ULil8N>8kGI+&5OyawCmV!_H1 zPs^Oy7lM8AMOzSgl0y;vK4PXCF*%jw-bl#o&hS1ctXC^yt=%q&dwb-Q4X3t83!0YBQa19Buw z7*Rq6$r!z3PGdKOW{rt2$6nJbiHve0QISq$7kIuy_l85oC@UM(v5;lLtcMhv1Xo8f ztu1*Ba^)*li%(rDha)FG zI?d_NQjj-aUfE$C|4NJYK`W)2`LYdClVn0%X68I5Gq2`0ny-)Fi&U zJacm}Kgz|{@L`ByLisquA1SCda_UzbGHS!hhXM8pp<6O;q;whV_05ObFCkYxbj@$M z2qFt~Z?S0&?xRGrPHw{0iW)*n@+#B32n2}`cjV0hgA|v#@FqlA?ai)`H_1*J~pm9M3uhdlW3ggQ?MIk*Ah; zwyd4x$o%aDtfZ+EoTmHh39RY@|(7t-8NX8c|0NEK=i9v8J%Xq-JL-&T+-AlI@6Sa8fB&&hXQp%Hj?&IvDIF3)VsHTiQ#u=v!I)>)P`hCO9a8 z(Mqo{)deiCRvhSEYQ(Dh_1E^vN_l@mW#RC7U-b=>CbaDekoI@h2~+!+ zL)lhNdXU0-p}Ril-n+HA{P|k_luhyL(;{uw|I=|Cca3sk0}*>Nqnz`^jWW#*4Hi3# zarr)Y-^ec@{e6;pe-z(*z;edPc)QCX4P7oIq)S^^<3Ujjsg<)kKr#_6Y0fk&8>p&8 z3So=Oyf2uz(logZdPVl~!EatZc!0y#9UIKxwyB>@pcr1DU-LHp%6?l6E?phi?&Pm&PsY|kQ^P4%>HNgqH1DQr3OG@j-e=M{jbE#MMtENGx;{YO>dH#P_@831KRNXg0Ypj>E6CxZQ=I_7wVn$x` z5^`U;1qN{unJze3NKGgpuz{Eq)@@gqimL&k4HE+Ra-}UcgE_q!Pc)|BBI%R^_$9%=PoW%`jNUvd{)HUM>;=Unm!B)?+&!+5{-;`ERo@P~Tw+X^9&77Im zSaviDb4}Ha(Ge|0o=4}nm^5TnlbBwP!bvy1w=;CgjA+UVc) zG6r9Hm3^pgDe>Nh4%@$GLUWKy40kcI6E`Bfgl!nY&-R6pkkeN%+kDyl=}j~LZ--Mn zu~~f1z7b{k4#{Xy=WWK;5eVHtslvA(9PLEWLG^zr902H{ z@4nMi28hpAF?#`G$8K`AeDcng{iCRxR?ajia?&ba5M94xM2=zYAC5OBkMOLrZMHsw z){WaU0=dSh?m)(77QtC?%@Qos{^ITu#zrUrc>sTmRA_+-%dCcqYCw<8o;C3b!(Cew zj&4GN1k7_^u{M`?;*P5P?4mb+tSyo?&xb;(`HgZFu2A`!!he2c z@YYjHt7~vgj4)R*EM~&gS`)cAZpGz2xqUjIySp)}DY-o`u`+kLXHS0-CxvQ$>K0G*>&kr#0qfr>@YBBpa z!bB#c-I|(l1#?uo0_9AB3>-$&@; z{rn$;fTMJA@$m3H!22_PJ)PcnEI!~aw_=U`tsWn~-AE1#Is!d$_@Te$D zl2v$_KUm8ZN&qM5rIQ{m`9Wk_`Xb(8c|2l0cvO3f*~0~jo7L}RShO4#1SEX}CNE>? 
zJkO4tPQ^x7N^~Xcc$K9MQ}Kt0BEa#s$e*D&_=4k()xvI(n}w z1KNk?W~B9G%F-=ZD@pte=eUeu?qw4B@|Qj{mkErBG7Ff{L=L78w*W_Z+B>>#1(bX1 z#V#4DC!Enxu|2*d9mv4Xq#hHNi>ij1?{ytP*}YdE-FnH|8N&1- zKIBj<`n~j(NA0F&>Ekz6`^nRvl?-cjDmZz zsxZDXb@4hj2K)x+V%4jH$q)?qlxB#q;5I2b$g~!f>P;Zo;Ix)w)e_DMqRrTkR2-KE zUgIR(O^!1MZLQAURjEnOP5KVS-`6z-n}+Skb*k~Klk7q8XIDl7xu=U=z6N+9Nih1( zn7FcYFn`vL6_~~Jx`<=_J7cCMEy7f;2^cT9MWARv&=igc&AV%R>>1`cCyD)QxPG?% zaZtbvI?F(0j+r3OIl4L43bE|D(+<&#qUlRC!b01!u&v$#0#-ZQdFm|#ae&D8U>^Rh zU_mESs;u3{`-`GxyYpD=l70UQB>bmX95Vi3z0JcST$^1$K%Z_1OsLsR28h|po2)?v znC89fm54=wS$Aw`;aZ3Hbcm7P@)OgKlc+ML^*ig8G ze5Pdk>-cA&GO&mnV)1Zx+I^dY%Nu0wO?LmTe`TDoHqcio>XtK52dh8a8$z)V43s}~|KrN{8j8}s=t6kmF z*$lPGx2Z4`qap_<{-J|Yn}8NHZZ;d3B+P))-8zzzD&Q7?DQ1`hGra8#`%Mv{y^a;7 zc&aDBn9o8!sM-^WuVNWLPajg_cM#tfjRzJf{M(DV(^}V5A^=Dl00ezSr*A)zbs4qW zz}d+HB974a%Rq1DLQ&&D1IvY<0~LcQIbO+QO7)tB0Xv*hl9oSr3<#A218W} zr_Zjhr3iaL^*A_c%}jI2w8@i(@JsYOZH z=;YU0f<{x$F{{K893!q11X;F8tP4AIvAXP-|7yq@2wj)SjA4B#@Px=HsxvrT11~>8 z7n(=I76pEr1a?-hNvd5DQ(`{mkVPrFbrZ1JuPp}1R4r=JcB6poiqaG5uuphezZiRX z?7`kN&n#m5YIE&Jr)1YaO4SuW zA@WHoq?>7qA0WMSF~ab0`1tqO_N0d^VF`LoVXP~m{H=!NgEsGW(R@t$X!o7*2eZJ| zrCtOJC9=m?!G^-zs#?}Vt<2R7p>k$ZNkW`r;7$V&wIIQyy}hEba&>ctr{w5$hWK&X z@%3Agl&7;qoZ0a`-qfxbx-M7^#c{h{`3i)po`0m`c>zi3^m}1+;n>Ofvwd zrn(LM8TGixyY_`}zet6mGG`WFXR)c>yXOsCC>0XPHZ%+2%&>#_yE)oLJ`^MZO%U>B zk+^S&v6qdV4w2A14}J}x4JH&`(ilgoPiDalqfNlUG@NTLQE4;E zw#abZgg6vZYoW*{+j#?#NaU=hqd*r~lJH1$x1-HB6|9Q1R)~f%#`SE*M9yw0q6}0O zE=Y}|pG#WQz*v&3;F2^<+a^TU=}c)Vq}XB()|+Ti9I?*W-BkQxRbeYY9apm*r)UiY zN#o#<=q{RJb8e(H4~yor`A&0_Z8u#ervJ1$&Gu)NkO0+Ecao*f3j|M~2f5wcY%g~Z zM6pyy5kW#syE5D0-k_}|%lotyfhdP*CmRslr1Ru4gcG5T-+L>6A#`gk(nyD5gyk)7pDQWjAd`fTAg^`YZx=-UWIKaAJ zv@vB{7T6XBa~MCZ+iNUh_`xq;2Q9mu`1`J8pvAv7%VODV1@BBc#iXjhWDc|$P7Rb9tMI$#taZ{Au=OyOF0g8`n7JO%5R z%I?rrK>8cuW9;4U{e6hsdK0`&xLkZmx3u| zucBucTMXf7OOUZQHT<7*$|DPHHP%9zf0WdE-e>@<>9YuL~djTjh5X$Qo(eQeZc)vsK8mAiE0@<`uc1yclnstI;AfdMkX5 z_d=R|=~@lJPetY?qUR-d8F>~-!CoU04&&T{m|Mw2ka4LW;*x$JJ?d~$gg0gTmcS;e 
z4KV5?`JZCO7CQqY!KvLutRTa&jcoLbB7m>U0CV@PZZrnr1n373ECD#*=zzD|B-~bs zHf)6KVk6)fS7Tbv`gs5c*s0^j+xx0KiR_sJR$RYdcpKY7BW+cd4re`l_+J$=CZk0% zz5qY5-`q_gME`Yd5E8o$v%-tNyTOGpH36-Q8xj6(lVEec98qXoU8~VlNWsp# zCR0lYYJsLw+=yB1fda=n@6tDh@e?yOtc#>A-!1&qm`OO0;0Zd(h(G3U*LdEIlpTj* z3fF22i^^GltOGFmxxW}imCgkxCvjG^>7WqCEI5h}9cE2tqGHIm;-j_}!?bVt5IaO_ zH10cdu9gA01MzPU=DTF+4LkrK2CJ`ETRQktYcG-2!C%7f9V=Wc^kFcHb@@1 z7GIg(i@po!)$-S#f^#qYTlC$q`2|@UsaJ$hb_JgFf=*QJ9@R7hGeQdwGXn&KLh;~dwaf#|1)~p8 ze3M!L#RMt6BK@ZP^D%UdHv;6R+v*70*G}Yq>z<@ z2b;eI;A=4XzL~AmsliZ+*t<5}hZs7AUVFPduhcp>DvL)%*Rt^R;Y7p?4 z6)~l2kDB@j2fB{vIo5E2HxNEcd}c+L1s^s84YN@{)#LmJYeh{P4QhgD(n6Y9b5&Fv zG^vf2ed6$)ki{^o1NV+cCybr^7~h&k`YSV94<$7I7MbXE zwAWSvyy-?D=rq@$jYAq8t2Irq8s1Wi7URzyd)b0%BG?O7L?qXdtQ-`E1b!i-K|Gy@ z0e*4WEbSQ-K09ZHT`0AQKi}X7X(-kDHcAqVy_j9NQHB?&`=OY4yVd%vxbXw7^WGIJ zgaJ>k;={H&vOZ02r3*rD%FY1!?#^#xcQ$NG`h5XyAwY!ixEu-0I} z>`UPUo~Og3duIG^UHH5AfYPwj(rEP9W-9^O_oK&j=Z9ETQyOitDzjDlSr(pqLZoaL z*IPqEiG{Nx9s}vMy=TrZ49Ms$F*Rg@{*}HGNOs0So?{ku~<-GF0NTbsBC_jcUR1v{c?^V;myG35Uklx(-aHT+Fh0* zyHZ%@^KcgGbK_)pjEtop63JD|T`J=?9!C$efLX8od+E^BwzH75w`mpn+9t}rB)NOI z@5IG=cU}EC2Wo#5p}9_`<_4dsQ{TAv=MVa`6!pP5cDvc>&`p$KzIKiQ_O$tLXbMV1uHS3C1jF@sQj!;&r zr)8fO>A1l6IgGzSp#wIy@OP|r7&;8szG`*BoXX^Kmhp&_v{uZeL~qjZ5#d{(P)WZL zz{t!$_+606f?`qh*rEM(m3N0MsMLsgPv3M92I9FAxBmKdCu(f@h{ky~F5DhHyH=qu zWf8CL7+%ekHcEEs@2r;i`ET!hic3mL)czB2?J?NEfAku`+=_;el-h|^w&Q-bAFC#3 zZ{T5o$Kx|Xn7r9v>rO%va=9BX~IWcX;j5ytfbiyB7lVbVGVlgSW-cgUZwWb%eC;7EYD zo@bDiKSI`&Yndn3V5qqEvRcC9)LHtOZU02x{Sp-LvLblr9R1?Bj3FxmakUw>R^H0W zU+^^rGX`CO4NvBY!2!LFRcyfyL6@fjHio>Pi>sjdO@sQw;MDcSA=PaedPZjJC+KVM zSB?DOJB(`Y^}F{peCvS+xoX}o4aW>OvtodT(36mt7fete{XyPMp0ul)CL z7HVO>=zX{OBwSavnNMALWh<(w5@Z@&YpCp2l7C4u?>9oDDdlMCx4A5g$X<3h!(;10 zK415$wcWpyX3zagk`{u9x1yoC8YNZBMtfWT@cQ+Hfs>d%iqJ+aI~%IIPiNwf)m(viFD<%jg9#pHZ{`r!b2%OcSGp}JKpIN zhGoCL-M_42i|m2nqJ?}hK3)i-_=NI~Y_(%UA>TF_J^{ zdOE+pS2pnV`apUNU8F~dG;3>A`sBBbKWeYL^@F#_lycpSrgX_Cvg_%z^SW^3b^5_g zx0K!WS0rh?81E!rW(#P{q$OD;0$rA#cg0c|Fx1Ag@H$V|5_t8 
zbkT57G-hHzxbq}$&iD)-5yyP6hvZ-4Dm9vZsr*!wU+snMWA2Xgo%GpQVPK3Ma_x)y z@x1uRVR@o=sN=IG+U>Vp3eea^oPx0YV~3h6f>PxRJ|hYN9BDEv;nK0d;8 zfukhpt{_q2uCpFq8=^TGFPMHEWA$X|x}JQ|hiDclmbh5{#1lKiF2nquzLLdMYf3VT zpU$d7-;(=;@i^o>O+jUZiTV|EKed|*mg_<*pEAUmx=B~+y}gjHqy-Spdb;&io$?VO z%Jy78`1%S>WzZ$dY737c$zf{pUc}2SK0Bj->B~@3bytd|TwL%or4AbVw&jj&(Z_!8 zxY;G$?yZe;@^xpRL-HzF9O@MqM-f zN3zm3E^tns7{ z<3gX1w-D8gN2zj-=DL~Fbe?IC=Ipw*0T}fXE{BPL$^ZO__b=mzJwt) zkh(N?U|n(HX-pkK#6F!)v~4q()NcX+?SIH1-Sw58K?do!xHFQ55M!k~Y%w&fEbDP+ zNgY(f(H5k4W~%9$JK>p&MH;P;bHm(3C|&I>JRBVp@z2SSY!^Rd#wF zm2C)Zfigm#mINcHZnk~=M8gK8DPOePGMu~h68A0vqL(bPmPUJViO$y{E$$G#sV*lZ z*tb`~28|zJse6Jjh&_z8abuCj54R5BhVV8YCmDe!2Epn^@Y#(I9Er83d-V{Q$LGqR># zz~zoAiO{pP?T|MtT-#L#+93PbKC%_QP)4d58*pA1ADtkzcd@r~=GFE?ED@ zcx9mb%zRCibPioeVCD)_EmSx_Q`vP`2be{xsCTyzg8{Hkz9y0glw4$cAT#_Ow0}I?$wK`s{L)w3-AO|?T~|B69#bd(`3haNsFrX7%OKaOs8G~E;zH~IWG7D z%mk>=9Yuj+ASYs!I4~U8`6D=D@~p^-B7<=6xFgbe@pf8?_#kY_4e+EF%6bM$AE{-0 z5O(4pT*qE}c(!nS6L8Nmf69oj+euSH*y!QzbCTE64q|zDmL~?Z z&|FWJR9;VWI1CKyHel7T9SE@PxV$#fNXwWFKmU3_Ft#BtW$?);=0Ch(?D$*iyp}%A zJ|BSqeyhI*4g)*Jz(LD^W&h@iFh2Hl0lCNfJl1n9t@NQ%kWP}9EZ{ zh|_pU(Ch%X91ix&qm!Bg@pg0ITgpQ2UNw?~$@?^+g*vxTgv?m#vrK)s#k?igEZo-f zT+3Wj4^v?ys4{IqvbQ9y)@(EEl?6C6iJ%_=hnymzG6nD>CiL;Tbw_}{5~t7ipw=>8 zG>;MLLOOiIX16O6lCUkTj<2h`i7as%b)rh-3SPxP^Mn+ei~~OYCI#@vT$64HHH98D zlr*DiFD*EwVd`h*b~YTIRBe!Vx+4g)-mXu z{;AN7(lm<8U1wJ7{P&XMYKk-c%Ypx9K*mWt4usPrGO!m5+;ROkvX;77V4Q|gl5bWw zL$Xg!F|CrLH0<4cFH78=GtkE0H=DJtgOc_gy~jwP97{9Huu4&EB(act8PD^$V% z$>d{KarN}ZD{Wm`)8DZSiIX@8-I?uJoRY*P>}&z^Mc^ijTV7*(7&?0y;5VaMy35n* zuV@+Aj2r4^mDUT2g$DA(5jkg{AKaY zk<`fA+&CX6fH!AVno$w;k9IlD`>n)18CKj|*!MxBHPHjhrsb#eW_9qj$ zt|DrD)jhU5t#@GIcPb@(Iux7HB~7>HC5;Vb_6;Z6BBoSWQ5_FjAu zAlALzhlVZ%X@HT%y(IQu$n%noevALKCF&KeMH#S8GsQ1fgO#=+5yAytpC@Eeq-w_se)W(zlN9Y6G^~3POQK{h^M?#iXqd zgLuL6_0J?~j;nN+=}fzq zocSh|Bs1!=;7kPf59=^m=0oI!Xs=0dDsZ3;iOA6~3e5$ocd%xYrleBII2^`J3#9qV#|U~q5w#{Y zuRr5#xr*ci%C1Oq(o#LO5V(i(%Vrlh*E7i!9HZY51x 
z@JhKVLiky1x0)^J?S>lbFGZwOAF!xYx+8L_t4R>)!{FhfFM;$32^o4OP!uPbyJ0O=@+a2&}esU`bBc4KI|&7|Y{4y3DjQ;*$b+b{~yb z3#q8?L(op#Z^X?%7!vdMJ*u{oZmiX16nzUq`KeK4@BON);(gQIdL-RpEvQ+i$vJLe z;6<*{Gd)eWt`Z)3U$`H$gZ~0N#9>KY4(G7 z5h4!+YWaa-J!%NgO8C^<{}81?ekKnhOW~`l#!eK1IbMOa@CppOVLiOx^NzH3?1#B1GyvngHSyy$d+lh zUq7byWUD%CNXmQPhGW1rw; zkZ-R?{R(QQ;^6qprSs;7JI%MHHcfXOF9-(!W-Y0YAI=9H5DJ|F;({u}g|&&H z<#^N5`stVS7Nd3+T=H!55xALcpN*Z$NxDXwqn#hb!CZgzeoLuQ`1K`N|5@6auJ5z$qx+$mJf{_^)XF{9_ zIo$_?HPRGF33@Zh#}6=4-DdifqU&^67Sy7D4SKNP-IRp?I6fh$jZP2JLwA(7{uKCB zpHK(a{SEQMG1WfQy}?lA(09>;@fH9fVE?gGrG~ zOta#q>1~VJdwB2vDh;mH&Yxt0;!bPS;tm>5?cNW3 zL&9c(VnXc@SlHlmM%`yd?KNdui|9l;iTqhk9;R+*($mx4 zEVGudz28{L{W6^&21e{mmuqM@w(G2W9q_ny^5=xVX~d&idf2)@wk)HyUf@kk+o`8F zg#VhFeUs`}#^6Pgq#x`CBON=uriK5aQ}HVRoo6ej9|NB`;Fj~I*taL(J@+f{FEGg@$kXPD83$kW-`cX@gw>c-nqi&5JFFwE<64|wKt*j;%!aAx(a^Q zvr)GJBp6i37Ux<*0{XQ__l*5jd%{6MfcX*tX>$d`ydE9LFJkzz6>?*7uTuxdd1E)e zx(N@vGK9kCGZ=YXP(E`WwUC42WXZW-T41_?2@L}>T2zn_6P9~zM@bLFgI>pt0k)?{ z(P_34wUYI9xz5(|3FJC^DX*@MUQ!ZOr#Xs}bvMIfESeXVnY%%YCY@kCbCPz&%B zCfbLTr5XmMhpw_cqUlg1XO1^fMJ*c2rn5KW5yCnF==J3U7QgpDw z%tY2cCWT4BJviiAi}`89Fcg-UR(J=dZbzb!XUPGUl#*mdnCW1fyCQRG z5t7S=qX1O-TCoc3+tPz_3>HK}SO2J=g#saH4lh*|phDh>5?dT#9@zlY*nr|JX> zx!Im>LE;|W&DV$^?+fa7P4bqHZ^Y5tzCHv=Z()mTZ00&{^C!16+jM`LrXaja?HG2u zkj7rh7qSvup9T-%Vuw1)FD{Y`3)afxCAouxm)QQeRC7Jp=2|^WcH3MTc;Lp44A~v$ zen-SuZWb(TJENNnRUh88XUE=N8^-%f)^~6uVd-|!2DRo>uU68e|y_(d5yV)FAKG*%)CSYdz6S8dAOwCLFzN7Coz>)*yzXTWIF?LAJuO^ zUcH{~?3iBcZ;zL2bkkjV ziA#`DpTkm8T_);1R9;u`v@UvvTA|vtiXzjOB}}*CeY@U_)k5)Vk<)s5y(j$MQ|JjtN64h%R(E99f-rqPvc;lE?&aaPV7f29rj}>AICamO zimfJ&+%3Wu+k)enQh~$L$2#FTsww_7AtdplCt)VPn_X4Djzb?W= zm);#^OwRPPudZ0eBsAva^G-Isa>o^^KIu*59r=eMin z`O_)SajRKtw;`%rO^X^!A3gNt9tKnsOc*mshL|j%$LD`vp5C~klz55SYdC%yx+ota zk;=@9@Qm`Mpe-0FaHFi7glN;}`h7UAE^D`b>J;z_f2V5>V7Iw3to;tYdP&r{#d<)p~;xwaz8#Gi^RcR*sodC1Zd}Jt` zvsPuqjbCfa!Q$*BNNdvpXElfXLj*OqI}V@RvBv2iU}~IreIIAqp6wwIt#N;^KmO8P zsM_V?w%vW$w8=4A4}Zd%&)-`6w@*9dY${q!O-$eID)ZXnxZ0PJ*88W0d6KOG2Xi&9 
z$W+fvx)RpQuPy_zT~#T4b=8$DVvx8Ny*r7iwjH8QRcSRMYdvU^jn*a>mCir9es|Jo zvK15MA53p;m+4R66~5SGhK#vwH?=tsQfq+$Gs{-^Q98$FZc==|nN?cT!Pc?0b>1qD z=M{Snm9jhTKo=OA60)CS+~TczP{`2Cj>?3-T0n9ys;E&DI}8*W;F=S$jq1I-W?LM% z4Eb=#Y(w!?Vx%=K3#ZEaIw>(oR!(RRsA;w8matwFBx^O(66ca>MFW((eK-5ApaMe# zbuXENt?MDM#6c1jxu%DUsv6nc?F)rXnmhs zKIrU<^FMw)tzdPLHG`a%!$gIs)r89{tH3wlTV3CF7sBJ*tEOHZB`HQK3ho2 zIh7z>@G7^l{8CuT3 zk$(u%ZDBNUt1nZ`Ck$JSbP|K~nuU^CYnikK;aDguw9V*zQlpbGq7zr4A9*B*Je@~`a{ z;>(+zYs+-4C%6>fxTk}dZC1YXhlv{B!TWL)7JlM!ZaKaBZn_`rw40yr{+ri#JR6^} zV)c>SUoLnux|Q>Sj`*y8qWvwJ8_iH@8evgImziUC(Jk>idir;<_kW;%{ajpJtp4x=9-h?Y z{a>Ec`@f$r()GVj*ZKj^b8`J}4;L5q{$g_Y?iU{JT!;9wXUy_h z`S#62(sFw1GXmb6_hOze%-MC0=O!NiiI#xXU2O?VFxPKp^Gzo9OlU&Jsv*5A*j^oQ zt)=&+^2hT04K(RhsRHUQx_l%>^ilIwbon;*#m?P1*hnU1 z4Jys_If++c$VJ%{H5;fI?YlkZ#X!S1n4;nX3VZ8pL934UeD3eJC~enr8Y|K0Tvh^E z9Z7K0T`C8{x8fyqnNp@zdm7_9W)@I)@F?EpD2W;)NL<;*G(peSBGC) z^z_>N_KpWHUNzpj$fHb^PIPGs2!Uv@FmQuK3LBSb3^{@GKg+c#5a!LJ6`OX9%-&Ot zj|6k8MgtS04NS{U9d=j!x@CIBUC>iAr(nL_o35E4@@XLWIXcka@(5e6%`_IHZYtWu za1;k#m^hzi1W}pw30h!x4YMNVBNIvLH*#$7oxHgYd7pSL5U zR+>H$iteM0jzN$7fw52bnu>7AP62$6`}@xJI;*zIk|B7u4c^jEO1P}R5h8DDh*Uq5 z8Hlwk8qV-EBM9x_LZe;OCcN$XC<=_qVGAE=g>7~{Tyj=n!!WDn7&kFG3QAgEm!(+K zw0h`=FVutgRm!GR-O-Yr1Tah%*umANupgSSN zAwA%tzDZDvc<@Qjh6!hTYgdDsC^NqeSKdvVV@yH(xT411QK<%K&K(@vSlJ@c*44R?6 z^eaGZBd3=Z*l=e8a@Gl~Tga(lN?&Kx=suQ@VYp}U#YLuxr~gf{4bS}|>%M7B0A07V zZ{NUokv3Pd$YTcAH5W8b0O`)R86ec2XSnJh zc*GOvYB=d81qICc_LDb!cnfikd$YRZHHKxZ7U|KG13~AkM`_0%e+=`%7`vkUzJhq= z$5;+(F2nZ<7{D)|pO@!%Uv2v{cVXY3^Tm&EPv?kNkMxlC zQw|u%{h3?E^7`WUvfV+By)6eEhTj8P)((AX;G}BH#hI;*LdQX$t(|UUW^*SykvD=6 z4!0ZE)*(ck)8T;&l}XOHn7MY^CU%+#%e#CVus1JfMX#q{VYSN*L3QJyoKLoMG;XRv z65HE&eZrNHGNkPLGyLDTIN7So*B;u0rDL@rXLPz+Yge}m=R3!;z{PU-;mLuy2u9Mt zeF2{>^pewbJr}oxICD<16e>5+aGeLUJ@M21fiuXOaupEz;p9!WaSirV2h#4HxQ68- z=22;|L#Tk2Uw(^!^_C+ERQ6sUrWd-jBu9TT^Hkl?`UG7(@?rh9w?DTDpjNXAFzu%4 znvyLIy6uf?!LHm;(#T*3#IAqy#Uoc(9WN{^=|F{c;MKye>4|nE!I>&+?|&Z9x7Ms4 zEkjGzp(W`lP?zScDlpcHU#HkXQuDI@~$elypcW#-s 
z{NgN+_tk3yS;9%OwGX?Y^Yso5-QDP!r~DUNZtxMrEpFOzS&)`V_u=M<2a&N6&+G8s zh=*7Ivqa3lz#v@iCW46TwhCEQuyGL=^2&wQ0=c|vn5l4rcKtCNvi^OanvwRWAs$P+ zGGmrDPze)aKu!QE=ycJ&(Q2?cS%y~6vAO!7{MsLXk32wB5OX)Uiv~lQ^_ENiFJ5zA z!m*bQz>`OIP;esMRL1I8mqEtR2DH!D=7*kFaXPZa0}!ttiWW~6Jo!R`;@4wwQ7?j= zd-7eXkUf6zD%rvY3KsWvSATvR+5E~qORC`GJpbrstey5GQsQDCGyvXP+8+MMWH36a zvb_~i=gCEXyYCl$3XN@D2NHOt(R{KB;lHNsuc(KhlkwxGS*9_kH239bN6_wap@81& zHs%kh%xo2jtV?8O%18d@AbO3qNoco+&Uf?9B0%616i3p(@W*ab4z;uNQis-OZke&Q zav~($)9%)4G|?9ioBsC$z`F=%9^mdv8mdxXWSDsERmSy&K{#7`xpmPZQ({XojbH>3y5|!Oh!w49>;Qv`^*-$jsu`~ z=vN`vPV7XPQ=k2DjC;2}EqC4Bv)R@$kL{C3V_W4Xm=e-k8p73OZ!a8b!grQKAv&iG z4xSigx`yn9-y0fZ$5_-(17{Nr8X%Ib+YqYq1CEO(U1AjV)M=98z;9`{O0oyjeT<=S zE9W4arGem*0Y)j(bhVMr%QVd_ZfI^W06yj!8_Csw*zqSA>R0DjyG>;HyVv`#;Xu*@&w}^tz@!W9yu@pS-gV9?e>PmHM%oc{(vAjyX9s(cunMXU%;*0UXr9J{5 z#QbkGsQuq+(09KT5bl28-O8UK_Kci;ZQy&{WS5-%zSgnMTod)@RKc;m39%QTfa|@N zs^%2eLk^#B3Y?1a84%kP&6lkd!lv`$@P?6CiD2zFMO?)svt1xP5#pAFG}_-)k21R- zV;d<&#p?Q1l63NjM$41)b9gR@<*gCaYGx$!_jv1+mV4nvsFL)N@)*$y<5Q|Mg!^&~ zo(>5Kk+sd__LqTKOO2Ij^BAM}%-W(=@xz%sK3HN_D$11>@w~^yE@1!}F}AvU3?`hI zNsEyNvh5e|y{_@h$M@P`a7p$d%^|e*`0x5JQFrJp*6srpMz)mRvo5Tgbu&~}&}3?( z;G4n@w}?8eZbY^EJNO;ees{KQbh;e=MO%d%6Zinw*;;C4Tl!%}2Dca*HlHa;+Iw9r z8*x#t9!B0ty=%i~j;=u|h}B22S-SlE{Ny0a87cg&BEOFemo&@m zpoyp;h1lnKSF#mER|M9M+w-e@^X8x1&;E@cj$FX!tN*7ckGyk;w0Va)`u&)Tz(d3( z&>VKz`oAu67hM%u61KGw3rW;y_xIp3>SbIi?}!+P5FX*^-kLHrViYJMC_&y2nm zZ}+;qi6!}Hp6jJaFCY3#f6L93C#aO(Fsz@KXusUWyySBi|7c+x<@FvVD_LDX37ps}??sqGiHKqh7cHO7;iS(#(HW<2BH{hptH`zC^%ATKbJ(_jy^ zH5`_rT^ULbz$U=BwTar4rX?7v?Nz*3wotX`VT;hGpGTSq3!tS8o?=6wD)p`^<1Nu}`;czuSNh$2x}SY& zxxa^DV@#JUJxz87Gqh^j$|(nxTA|yK_9#3&^NsMXwP7Pbl$t)x*^mU>eHuEcE; zMc-y>Yi zb65LO9&$jJBz1B)hDaLYBy~5jk_It!u0-;i#z-22_Yw0YEP*NIR`v<3)?iR`6D5il{uu>J4m=#NIJeP6O#7$vefZU=SZgv`_(?fwV2)8WjW{^g=j_>a zdJa6|FW^{b@8qRBT$f4+nrIT~(`pU#ONz?SOShlc40@P!_iwIXxpeCEm)E$^gge3) z3J;h2w&*F_m^Gp4s$yHo1ujQpXztC=_hpiG#rMaMY?igqBM$uN%2Q_)itwTlM7N_X zOW=$E%}7TTn}a_(;EwZn6Gs_?&2(Nl_%90-)4W@M_*?VSN{Y%%aG343jRJ@YmxQV# 
zh0lWX2NyiM%s#6ABOKjMsziF`x zX%NY-?lBUCi#otvDnoP}XaVtpF}#HRuET0 zN-tAx8uo6dz227NPdS14wXJ=LCW&-okroP5zvYlTxaRmC3w~KD(a^A}wUXt5m3(h^ z!bf*qa5;`I6-ES3uTAdP1JcMOKOX{62|}T?=_J1E+Gr-G&5=B5i-z^EzdSdDkP$ms zejXotW&LYe@ao6K@S5`N44btE$?euEdLTs9A_T!e4Q2)USiKFh)!WVjd^0;;XHoPq zI~~{G=iQ6_mY==pvN!An?R25(oenZ(^BD|@xlly9LQL5x!vyWfc2d901@xnfS$G{0 zsq?~~W#VssM;5DfWql!=Z8dn(tad|yC%(ebpOI-riSzAQ zy5Wr%iDo^Z83Tc%kM4A_*vkT! z3e-d+h5PSs6!RaE)B++d8HA|WaPB>5GdG(QvAEE+RKRPRp76nrn&Dl4u5*T+fWr`` z;|x7YCYhS=&m&P>;B zD+X=k9R)Q6Wk|xybE+StjT_&VvNDU=UD>$%&A83MX|Ta=r)AoSi9t@_}k- z>9DnR3UlfxiN5$uhXPct6BgG)SS_7&+FmCx#}~wq|^9E7I;f0y%%F@LZ5?Z9=q~ zzETF!w#N0f>2Jw0oA&t#-TBytB*?uE+U3&dj5m*8dCmdFuJr@` z@%QrD`1mR9{doQjLw=mk=6qkQ_VRr_Oz!^sXzl%8KS$U9ck$H9Ph1+;X2<{kiAjF4 z{Kh2dJ)0|Pt*4V^sdLSpa8)icIK#HyH?PnCvFp#s%U9tSU1D0T&tM}}3 z8s<)$HO^w;pE3(c&+Mqn1e`JSzOy^@?C^bEg+=|t^whhQs@Y|dY4kV502N>$?ux zv(}saRR}hV4v%@J@qJ*!UWR<#PiN{ukXofV$X^?6|B)Ea&2Psv6M_g#Yk7$L;65&opoXmLKf= z+MK44Xw=(4li`>N+I}S%Yl|8SqcH0eHbd-jGK+{ij3=tcwwXG0*MQctkqeZ*x#~(5 z%R9MEMj}tAF;_I8)@rCNNB*5loHe)rg2t(OoZZ&kq)J{P&H}#wa}_{HxT1uCp^PQc z8DG*$PhXp9Y{zDd{TcAu=dx@QD2Ra$-A2u$pyPu%NoHoX>7b)u>sjo3X|6QR=?RB| z|L?Q7J^MX78~P!;M)N+~>g5dEfT7wPtlm-^fvNI3+#N+~RN~_WI@r;sC&D>{8_R22 z?I~3{SGRYXIWqyZxhDN$aJixfj4@x)8n{Up{o%tzcKY+PV6MtZOq5UfVO7kySGCQM z*}S4s%zTq=$Lp69dZ{Xic{_keh1R-h@)evXL}YFhzax_*OhUjiDpUo;YIvdQpcRF$ z>A-VG^Ug$ZuGmer*v8sJH?3F&wZ(Jv?=+zc^RCp_s6Y*!@MxH-1%hR&XongKJe=DzL^CdOSqKO<-wy~p5;D=E=ataHo-}m zNTP$!hcx&o@maGKJmy*#KVEbvwXrL+erUI*-3glstf(fbBidQZ|2st zk=EE27xzOzKkmv3r(9U#m%uP_`5 zn#^i}P5XoA!N}-ffH+*1TtF)m-J{g&$Tiz!ckmIU4XVmpw8;=U&*gLHX>2>I+LLq3yWSwQWUGgA~g;tZ9@b0w&N_G_CD zeY~xFzK2ar!1ja5ludKu)&T4(SEmo$g5aAuHg3dJLyxh2$+C1Ua)W?9!G=JGI=&t{ z=$!kB97QK7xc&Ht3xPq>tnr3cLBLpM276ffXo&M(So{bfP)+H{BF-YShGaHVV(heM z$1w7$2wy`hU!0Ld@@y2G>%(vg|FMvjrn{muC0zq0?{UbRxtF#bfDqtQeVK6!S*q=I z&hwq|0Y<4HiH&+$U`Ck;g2DtjNJQCd#uJh~2^oixdSVQbpq#`&By>Dh1fXTS!Ur42 zq7d=sQMddPjp(I6&q6LY4ns>2f4J*aN3ZuNA4Z{Ojv?Y}6R8Z=Kx1~J_Z_NU*34YL z2sMq_jHm-D$OWvY6mKApH{e#W0GTN3tm{T@Ue=%`F)jB 
zR(ltW?9KX@!(1#dYIKj%i$57(ky- z-IM(h-8blx0Ck*)8RAhYwIO~|whdkYyASuMAu^(-wi+h)VAG?qxjspMFh;U8F7Ee= zmMqP6`Kb1k=lUvIl;`pteN$gOC+{600e)v37fATMBA_!(2)O_EXQy~M8YKkwMd%fq za0x@?-DGux(>MW7W%UyTHjvJ^O#xA!;7J4y9yy0eOw?)d9$lK^Wecck6aI#QiA!F=^bQ|wXpRdnSLRLT# zzWZJcxHRBiJpndbN`>Fyo$~j&VVII|ZfDk;Y$te0q%aLLA2in+@HTwnhO*rYQ;0;cZ4G5P3Q`9=Y*C z%adZp2@9e8qXe};#u18!G{MMdR;h%epvgjk#F>YwLK_tmeOp_6ZB$IfHct|wmIv{h3SV4o z?r&UfcIX~>6=t|GuLRa_XMlFc`xc=BlMsiDTrBTQ#*DpPu421k%Esev?XgHL|7N?5 z#$SXAX?M0NY^Zs`lYyv#J>T^3KDikUx>7OjLwB9Q-}VC$?v| zdhN}0IhIt+JfC17)Ad|PA^%Uao&LY}mtP^=`(L2T@jc*X{)puvZ(RdlwMS~r zv@7dnjOCOimXmfR-duW;K-h)@wO9Y;WZ=%<5^VcT$`klJ9B))_a4#KuIRL((uNabe zV+cRfM&Y0Al3W{5)wMjjP4dG`R!0L)P8UMZdWCSawToL?fPw>N_+m&F3ez07F)ddx zt$koVxan{;)>7h_yPfKEtLilC&2W$bT~*qU_XZTU2P(v}{G&Co!5!+QSA*-kC)UrD zSRiqbJc=G!h17v(cm!;GDpY&v9XtfWp)aY^Bhsw~gP@aIGx>a9A*?`r#|7ok#&w8n zQsyXLE5j{b58CMJw_N!u6fvjlWfgefQ5E>XST|l657=^(E(S3WBV{JyW(Kf#Y4=5V zb}9pSv&R1xR#*gaI(mU>L7=fAaXg=7VJ_G-`}*1tr$kc1qHKxHEEMz|pdGbT+ zEWFn3Q9h44ahKXT)#rD6-AFvE?;YELihsPy^?d!GIOK2+DzN#BvS0z_LwIa` z$pM~4Blu0n&|m}bLpXO|;`5xwn)JcXA!NDCbnGNDHU=_T8xNVxwW0{w|1_@AlE|A_ zNn|aoWU^QK^2pfg)czb3)y0v;<*@MC$ZYZOE2!H>rl_eB%07fPZ~ck*qV8NdYO93gRe{3bOkjQJJ*AhEWyi zs)}SS677nX97Efrk3u{dIa**yD0uJ~#JdzPuv?kfQAD;MVoj~NUy&7*SRl(PxX=np zjPbGpHny7b_v^vcVXG=L04=LyXInwZv4WOn1_2vaP;#g?Sd6HQ8&#Mvsy3ukY09L~ z92oy9cW=K&^Ixq*3hnDZe#J@GssCpDuUpvv zGl1=Iv4RrgotQSgLXSf8Wt`VmTkz9zkRILV_eD$JgDc+bF!f;jGX0K~xINJ{BKgHi zG<3;69}Zt;3|n|2$b1RNPrcuGm-=z*^~L^{D?pf%Uu$bVX6GXwwC7Qd-ZKg>{F^uM z_MiFm(h0UI%-$1})V-<49xX7pao%DB|DL(9GmWQyO!k zONc3~(7JqSk2%K86Edq1jDiB+!48T&%{M7*SGFJsQ0tgh61$pa0P-!z_^> zg&_RpAU|qu)_7VsvF~Rv+wC#r)r{0+GR3znKpJB6!nv_%K7ngM@GIQl3sd2c5sGFGd4D1OHUS@C%uV8e58WS zy1tTElZu);*O~}&O`rZ8j<@@iR*}Leq#dx;Ru)W?vFu_8R)HQAZ5?k=IYIAlm=Nm? 
z3pfq&p^c>T4Bt`Go4XuH%Le81^yc#S;^GhOgjSV+4T-<*wwCpdbv{od;A-D-nJxAH zPU<-wY`6;SKHlx}ExuQY+Jefn?X^?o3}yp01Jr3U@DF`5IIY^4v~a*4Y3^NU$5m0U%2^gP-?iDO z-~h8BQfd4Z`w1-Uf@r8lc=*Lebhts9mTA-Jzp;W)!n=9MS;>IhEwz=~jwXbMI0=j( zOKTVVKYHznYng5Gn zI;K5e`yP2E7zoV5TMJuf5N101mV!$}WgGX~pkxrV#Ms5qhr%bYf^NFrcmUkoO0zI- z0Ew22syR@Hwy6{3)J-<+iU4Wv@!vCaD>ff|+Pq;u-*c&mzI{7ThZJfp0i z-`n;2=Iw5Fx8J&b5Nl~pH~nwsuAJ32iOR+~E>8NR+hhugHG78TFC=UplJ{d%fYCguL}&@$>=WgdaN5QX!@f=||Q z|Hv~?C^z*Qt@567>!zCwindY;x{NgmKui%!o8r{xztF0aqxN0)sb4Cy;dgCBWG*B9K|0LbY`waYBiK?rjxu$lKwd!lgDOf z$<8PGFI@3I&cp=kRnl24FiYSoOZKFs zlz*WiZK-r0bGeb{0y+~DPj_>BJ>E|){#8Dv*&ohKi>#7ygox7|8^CPiX~+pLOAkl0 z)JDa)8@c08$=wQDuhYhc-j8AzWON*BvOj!`LP#%R!k4zhm+3mx^Zzmh z!1aMv8_CKJ_OrGtcU7bVoFhoFjt|$j|BW$l{A8(zxRfYpa!A?+21OUdK+E|U@%~G4 z+A$A;@SkEl?V&4T8h02~Et1;<@Iu*|=y~agSA1$~Eo2UehZ|wz1p%n(ao`g-}y2q^PF(nLhMfVVfX;Z2OJv1 z7uIa=GFd4~RTBt^l}7oBGIJ58(>yL~F*VSX3qD&$O?WVH_#F=gshJoZZIh1odU7%K zHeu)v1K=4xQb6zxrs}rN!CeacNF{$OR`XQjT8nlMyRK!YpDFzVphO`ORU%r+ zXCIzEkbv*2lQk5A9I)U|RhyYjP=hUX{Geh3ghaVkEgwggeu#XXt0QUN$SjpMlpOK* zO*5WsI);j5I2(~PDyaPX9PM9N0(uqA(Z~uG5@&mrg{j>fY2`<^S+F_2nagkfc_@v? 
ziZzPm?F#3Wq9!^h<$g2gyB0t@XD}7a=n-tE=|y@r{m$40P;rmn0}j|K0l)zI5vEyS zQe+ErLoBSFa9_7W;LMieHs#LFr-LtCJdEm)|7|xYsD7PIlB=rhnZUPZ7^YBih5;(1N+`>-N2aANI#cI-5gIDJ1ESJS{BPtKXoeo=mV@Yp^W&S}{5yMU zD(!jvbUJr097A6Y)pyN1HHHf4`GI$`W#W%Q8-4t{h&@>F!H7lz_yVIB`TH*s(z6jQ zhLQuI`h1B6iRO0O9i=vKQ*;tIxc413pn*Lf|s?D27%ykySyw(KPTF|k)4LGnj&#U_Sg*lY%`Lg6@kBx5IBe}k%eEA}Hmzw9(uxyx6UN$3ZHsRP zrSti6yqGqqh|^~M6>LxK6`K(3Bs`6Ij-)4`>)u&_>J|Ec zb5dqr5C?f4HVdKa#c!){{S$!gnr?wefqlt6Ue-RZ>Z0OJH8;sPO zX~fr5?n42iE`n%_PsGm2mRCeBpxU9w9_y$Yo@D1LDnbJK zt*Bh7#AVwWsFYd~HhD?N>_Jz}%n=oRsz%EvoX)y;>8sN8yHuWUG&nt5C zW){{`Wil!?L{8pS17oVScOjeftLad5(sanXef3>TrVP45;s?F{t+GI_%Nc(e%JSsE zWwdM4>!SL!BVW^~?Qq8mV)>#Z8jT6SJFUvohVj;N5`_MyS1V5vZz;Sy4(SaAMOIEN zu#e~unXqW_OP{r5>T0!R>XHw89lztl+#w(QH1XKAOxpKl>MC_}W9owE`LzoFdUU>U zuA7k!cJ7k>$0Zl$w#K(->euTh683gpyz2Qw3Hr{m{yEKn^(ceUWzv+K4SU>^lo||t zj%;M(kBRY&9qd_m{q}y}zRPB@tb>BQbi~i979DRAX$6~bG-2reuuV$%FZpA`uE^(+ z@fw-<25C}AmPuBTy}eAkyYb5yuC}p`l0=KBm)i)%G77iJ>Ig>ed>gFOYEL>5S?E>V zdCRc8>IY{8Eq3qjbBB=?ZPXs-Wp*vQ&Yf)I{HE%8;gJ1bWJOL)q;y3Mq*M(JEH)AV zTSdLPt)slEbK0dU%Z6yivJj)?K#Y0*DP4G6sN2UmDZ(KX2rBExwbDpQm z*R)f=c6UQf3iQ^70L;9%_@3y&&Fc-7=sc5ts|(1@lM(e0$c})DlFWk67rH{~W|Jm6 zDlxStJ_u!bMAps{INBlClo!+~93l%XKw7W44-gK0jwl3)Z3+_4Mg)nZFu~}|cye{H z;9tV>o+0b~b!3|(Q^CzhUWUS50Ap_b#;cQVM;ILHk?iz_gXa#-Ddu+13U;pV-Gcb2 zQtS#VHOukgyJ^jma)qoQ9UGh_sTjPxD1VTi%8@(4GF*xxuW_fL%DP z0UjcLa>jEI^VvfVFQr+hNIRa5_9PPNVs1B|aH+_(w1XwdoC|QfKtRi#p*QJ%KE=v#< zoC-z<9PM4uiJ8UfM%(|EDotiWI!%S@#v#kI*xEwu%UZQG`8~cfOP?)b0rZ*VFBx7@ zg{=+3P=}2*Pj^?0(lQuo82v(&!1@=Sof+tcijv|;@K4`=DiA>1*6^we04(A~O1uNMkFloXsu zaPRlox%6w`9Y@=ifE`iOWEHF>mJDrt+Q!0$#SRkh1Me^3_T4QncB;8hQb(|h#21v; zUKox9mldR!L0*&SQ1mP)7jSw_K^=-3zTpB+NNbw#xm?kJa}yB!+$31KIeK+48m?T%V@wT@2F za=01X?4v&2h8PY43LwAu_Z|n2?)nxsUc#3i8?r3F84oVY-^Fjzh}{3W6@P^~^K*?_ zd{&LtAOe@lZ@0YCLWD8&*6rc_ym;C8BqT}v#*cld z%jL!bJdXMAF&j(+z8_7$)7=%sFxe2a zBooaP&^w5ZMl%#FLs`JdiLC7d8Hc1^v{zx~K#4t>@9Mzo$rk3CSN+rEb9@RO@k9#&pDoBMSf#SeP4Cl0u0|8?wz`o(nN 
zrswGUEC|H_t*pqE59PxI;lEjpD6mOe+G-WW$+l2QB|>L3L)wTu?R)J4ryO2t^Yv1C zg!xYWF7OQ{HI+N4B;8TStGYWFlu3MYdi#-l**Z2%s-eOGH5B4ordb?{&1?@ID7A{u zbq8bw^EJ%W5P(bWeSjn;aR6j}|AAe8(R$+G;uyYZZ_7d+p>UPWOG{JMvHcc#gmeJP z;AJyS{7WKZU(<$O-{^!sxv#maxKb#Vu(dOfCnP}m$fTFJ87=k7IcbhVWp&=5_}peYrD5 z>+}#_--x|ok6wl`{SIh6Zab7xh>alo0@565dqg{_DAkz!AH?QnmwoX}cqLfzJo$tZ z<)U{KOFq%e|109@L#)Z7SVL6#N)pCuMJ^d z-xgpP#jzn|ba%N(dZo%$jfRl~=Xmeo*>>1nU; zoJRiuUZWJGiI10=C|Q3*?JUSUjK#{#o|>V)dras^sVV5WhO+$}`*-jWVRHLplmM>J z^?K}=}W+rNfkA|A3^xY!^hqGRL2vOD=bC1-tR5iw1q z!gVL^FA*XFlw+nDTV8u=x z`Iq@4U!A!;sgn}Qv6@IzQ_2~Ngabrue{BTj-{B!ak{2i2L;`@tO&EOXJOa!fJED48 zgg2icKVBhj++2*b)@l`!e&Ub&zrkDn8Mz)VzVGk#t6sl z`}wt|s9<+cQ3^1+>zy~Hn)S6WG4jgisc$_V{&KGu6KZ|-G@&DZVn)U4p1tDb(; z1Z+KPSRLw>9Z@7TC(rGOM+S4~fpW_jS3F(9Mz(MADoc&$4V2@ftcC!t2nR7UHV}xW zm|!Zb-Zjl=z5@CkyMN$Y$i}o!dL5c6waYp zb|4wPI%|~5`5K@gm@z?aeEcF?T0)Dbck@Ae%YKn-#SRePP4X9okk`zLEH~G68S8kv zX!+}64d|?E4NHiDYAVt( zkT*4jpl0qo8PZx7tM_Hj2e}CDYDj3NYrGq6zDyn|K)fdzxbvUWQ#R0?K~sW$q&Vo)cADU1#dCwR|M<@CSCwqB=eeQXQd_o5-Sa@^}6_zra`L z|J&{1e4pBt!YZ74nqn}X%~qqqQ3m<}h83pbtf16J%PPp$GR0Hl7jRoPhJZO7PX4h$)yt z%;e5iQ9YO?>*_iA(B6RTW!a0>PT<+HlB~)QE+TC+9@mER}; z<;60`OYR=cARV6+>5%6-NEiemV%%3(Qk-4J(-jOMigfWf-D*8?KtvP>3}} zlR_^^r-7|CgX-aW_!kS-{7B>V9^?frxu%L#jPB;bOIn%_Y85CvbPNh}mJ%_sjO_QQ zfz4LnPlR0z>cAGKdxSZ)gwyH<^MTE9>=)g6ccUwY-FvmsGKJaubznv@{lYo#&M{w` zCVN#0XZ0XCC}ve<1eZ~JVZ|9h7A&oMyjk`%T;0MSEIi}J+?*7um&~XW;1P&e=3t%f z5Oqm2a|pH6RMURM-8}49%|B#-4N&cR_c3JL95xXRu!B2yzk%Mr8(Fjo|!v&PSb6j3d|Iyqb@83Q_Ex zYJ29(<|*zaYfFVRnQygZl2AwkqEjQ#)EZ@_dLZD@>4+}Dzc&zUjqeu8HQUo}3pN;q z=a_50RVZCDjrz`_IbAK#D1dj~GHl-qIL)6UxDJ{#|XiSR@q6n0B?(j zK>CUJAdbM~jUlYt>lO9Y7{!0IpLwD3SAf`|vvdkYY{}i_hgyMNGHzaFF4wkC3rxD( z|A{IZ5P5T)<1zW%@pX*t-m6kmn15I->r^Gz#?Ad1+-9GAr6h4v=aRYf&F39B{qo7E z8(=6x5&7zQRW$X#$F7}gSRlOVTo#*ul!7ljX=(NhUJ6{ikwB!FE9PgXn%q@h!4_1p|gTi(Nyddus$<65d(w{JnM9{ zt9M1|SPb~n=~WKzws=Lqycu%$Jm%ERiggCZrQx#I?Ho36xlfRwkT{W!1s?Gv`-wM> zd7{S%K~mr?XhHcJ$ZDNLED^(26z2miL2gLoH;8teIioPWVgvP-nPR!3B$1R`ND4^# 
zq!v@jpV^zIjIgqB=WI_kqYd72Pc9Zg2i*~bGP$9O+Q+za?*(g+X}#hoR}w*us=UXK z6r!3^B?FVf8k{AQDxD!5pq5;;H0cEy@R}3X6FLyaA==%z?ljIsn;|Cofeld`e29j- z9Aa`gZI{=={!dtn-nYV!B~TFd`sZ;xJ3flzunBOb)GO^X*``UWx^zw0MP3=r$GQ>i zw36)JWt8T5sC6aI%-Eoro&LhsBs5Kr+HYb3W(fR7EY-F8of1oDbpyZgtW@Eu@h@MW zixl3fkJN`uS#P>286HB61_^QeP;D1G59y4j2)!vBAQWw?6oKB*9?HGHreh0gTIf)K zD?Y;*fzqjnwbWqrJVq>=X?|$2ocxB#3!1&a-;G%CC#WblJA)Xx@gD$hhxvB2{o{oM z(L<3vrl~TAJ>TZ07OKQYQWKz+k|@&ZGco;x$aG4*I@EB8dBKGnDGsHf8E!Wzu!R%X>jEoyEU;qUNQ zZVA}+kWatfop{Js-vQsanX`~jzNe+%X1_z z zGWSaqXTuMC73YpZx%6CjEt} z^RkUTn{=<;lEYm2N1H9};3upYF<0ttv^LMiFz!o9V^-5BRKef{DksuXBE(SXbB_fy zh87J;ByF~(oJ>Kd21?viW7&ddhUy=#0+hYS_Okd-Y#Fr>8#}Z!ABSJiLQRsj%Ob0! z%=4U24kg&ZuZwtlNYF+So5Cy7ACfi$Gw12PLqL`X^v|lSraj}zbY75J1({~QCP5jp z_n*3;yDw$x3J7K+(=ZyR_@POy1Og=CO~8LF1Z$d@}4dSK8wCllO}!6b%-5N?&PY?J9|&=#*E9q>D! zd!Ft`*d-{s^^*a`z7n3G#@?M6b-GY87EQgFIHuU@u0>o8H(;NKN6np)tE|DGU}Ft^ zP|o#P@jgp28$|Xr_o-z)#3FckktJE8!|RDOoFF=a5Q~&V;|eVN6vI?!y^7RV96&OI zFm*Lp3G*E(M1=Ek^y5%Mh0y_Dqvk))<_&8Xo38N%Xjs;oivzMo{X-L@b7|m zZef5Ad^~`&y=|HvU4cx^`8enc=XFM3u8W1)}wN z>(k9XwCWdsJv3DtE?&CxGAnDb9fgk=9Ar1Eg=(6fG}xM9`EIflWO~`sB;w)S!KeA| z)NolLsmg%fcX7=I%z!T~zYf;%e}YCs#v=b6V~V6#D4R(1DL;p{=ZoeySCu6+r`Fy1 zVt?*@cF1iGj1wI{Kl3+jaZI6F4@VwTp73zUUPI936Ax|^jGN$>-tN3kR?}p{diUFT zS}hmNV6RLlIe-QzLQpfR^%S_TZRh!c zvpo5Q)7*meMX+eIAi?P#^B!91H!SK6^fE4aq2QofIx}ry+{ey4gOIb>U`eukj|hu! 
z5u*e?2qq_2Dd||MedAU!pnyceG_tPq`fxZxUr%Wl_6heJ#2!uk-Oq#J0SL&+bSt4Z zwbKg{j{4KcE2O1m;>!e$=UmonJ-WoZ_`!aoaHt$u%=b?*3@(~y+#yU>y@TCGT%tE7 zCM;lkmWT(V+*@vLzHGG*flOQ<5BG@Y(12QVLA7aUU?$yN|2ZkH`3~G4{L$T{uQtH7?ral#s}0YJv9+!Aj=CD8p+!X2WG7CLWI?GoP1b7x zoGgc7%cG*k3Jsp;%VWxsxix(Eup(v`0kpGBWevFaNGvr)3q3&Vmm~GJiJwMtY z>$<2nMdk8=qCez>h-$>;wsgP!&Az3i6$YuxL+}@4LWOo5H8zGOGn2t_lA4lDX6YzZ z4W|yIt0TIX_xt9G_wA2yhE95w)yOVI*1~Pvz^8^$03@b{5jR*jUmx;yx(hv%;Q6A7=ktm&Hh0 z<3CkWcC%fJRGf9g+8ElQP8=&qI_h@A=SnfSpao&qDB~Kz5}&Ew$1ilHK)O?{yd;(y5o=9RYg+ialMdsg6K?O$Nt;c?=%L*B zRPvs>(2Q z4^w74ncZCfbSNL+nDbp)!KE4M^t%0<7kvaUPlJ09Egd!MNq-R9J!=SC;PnZ1d;DQ5 z-MdSKs0!ZALEke_(i?)sU{QGNMQ-*s+lYcpWhk|5S^c#b`>C|76&n_uYQA$WJX^wP z^lw}yMn+XyS4x75`%*&^(d}yu7Q`W0Dl4XH2%@e!6ix}g#7b_?{&S*mlCrA)CPmF& zX}7{tnU}^ZEF8EMee=Uobx_3w2#PvsQmo473qw!_H2=^`aw=OKr(RDA{M`67Iy}7!^$Acem(ldIk2XrXji{rHjV9BODI(54wP^XxAM&i`V4ihI#4*f*#zw0mE$EX z-7Pj&8D4Yc(f*^FFA#0q%91=ia2j>BS{2;e&mzqvyG=BrEdDok%dpO=k${ZV=Ai~= z+z0*FpnitDKk!dPhQV&P2Y3n(td2(ES_9>jWyUYc&kt30MgoWZ z!pKh1>^ADyA8liYc&N{Nez&|oARwtPQQQc@Qta<-=I4DR|= z>>SvxVhy!Wq{NOzXn6k>@m0fk0r_pgu*ne*SE8s|dY2)nW)(XP5DQBqkX|q`12_9g z(7o(Y_rYFX^gr>_XO;b2sNEhQ6xM-0hB3v}hy#sTaAwB;hr54@jx1XHfZw=dvt!$~ zZQFJ_wr$(CZJV8rZQH5fWbb|6G0xrjuD_eAG3T12R#jcpSoN&m{68d4N#hWIc_k9c z7%rES!Vu|^Veo<^QluGR2ZNYtofs7#X#9IQBIHoUK9-!OC7m-x%6=X&2S~WK)Sa19 zOA`i_m!V0>X1z5ce`8J)4wJ+4jYaBi-QIK8Q<6p>fU9c|gYa!4RjzXl7hJ>M1YN zP7i`SQt$p3ObkBE(D}u;09Q*b`L$(#xoAguCbZ3jsh+DY12=h_;Q#afaiY2o0tn#v zN5@^3m_)*X!n(lCUK9scgsAz5yAi~Xa_x3<4s;z@oCeN`KU z6mwR+*Z%e~iF3`nKsD{Y&+imgw*bs4W5#*DW53?Wyf}yQUY+@01H|-~Ijbn?J>fO| z2u7lL*2K4S6PO|4FW-i=mrvMo5~7Z@HT4S(Z}omU?^#6C=Rvt?b~X3gQQ$<%O)?2A z;iImPc6hi#@D5QZ54sMYu@i#YjJSMf5TQHu_~BxYRIXL-aWYT6U`NlcTUkQ-7WEl% zaV8mwnfsg>TfRUgr*6f>Fk?#~k(o4U1wE?SmQ#NJo$7#A6HY)#k~xp?$C|PwDOYy} zx9aSm?4HX>#5s9d8!!2lB1McLD#C+Jo(;DHn%U7(0%godgOO84>(~)tah-TS59!r* zi|n9LlAd(YqGHpAhn7`$Y%*cx&pohM9Y;RN`Pm|)%SEV1iut~Xv?fzs1!usd7~tec z)>?{gq_5u4jyjkrnB0Jh$Vt*kET&m)fNK4ubsCQsX+|y_F%q_v*{Gh>L+i=+Tyw68 
z&6}bkpaMHl&Qu`}xoGq#mkt1)3OlA|ti$@}F#E z=%wA!Eb}V&vZ2ONk?m_e{wplKhHdrRII~%+WMWs`e5rB`h$@5=-BxzAqe5~CsU;S~ z(%{5i@72MQ?=%^_H!JDpI-?m?R(*X&y;CDF0j!TrqLubijgd4;Tf2PtX*TkgPO_{m zCgbH_!Ng4d2picEXvZCsB5}aR&LAXJDtku7qV3D1y)6hF)1+W${8j;z)_Q~2qS!yR ze~&|H!EC{Is<>iAh^fAaz;|x`$jyTC5Bym`7g<4i?k~h z81d#wm?HW&wS-fl1_Yg|(#F4l3VKC~1j%KUEsNB0`*2M;Yp#dcb7hw1X&J&+EY`B3 zqg;7EV+9WLf4n0tHV~v!p>}s;KffBR&z)gkCEN!RNJIh~lPR$P1FTjv zo$rJDt&xoj3U*8q+&yHgdmE?@Q4Th2;`Ryh z!OygbyN(emJ7)1~-WX|myX-z9n_D&ghI?DIB1qs!5y78s)V7_4NR??YEUY9mc~56f z1Do64s*bIW)UMsIGW z?9{3>w8g*ORIRn>I^UzP{v?@(Zh~?m@b59Stt-+j5Os|AAdF>XLXY(;;aC7(`XtD; z^xZY55)lfrsJ!hFWI|3QNY)kU;PM{t&QtV+NN8jD?J6mFvSz~zE^J2a+4WL@>q7!C zd7Q0PoFVpI&4~I+;(lp0F{9)e>81|s$cay@e7{VMc1|mj+Z_?i0rZTh z@Svv`2UF!@Yl7(UwI&$76^krUM(CMOy#m9==x;5QiBZro8|)4-%K($sm`EB~oOQWj zK_#0E+X?}Z)lpQmXz}6LN;LOA36%|lm*^8=aav-bYFc%9vhTm^%*xMCp-ZTVOizLw zS6`5P$;$Ul08#?_@|(EWulKgJ@7Eo1asIFD#<7i;fGJ{Vu`tMGQA8&5Oy1)8V2o%S zmsHb6B-U=LTgwycit{Mx7h}qYs40@p?FXNX{4QG@VSCPD-q>P~#SlkR>(+sDthz@C zNRVGH*y^;s%|Q7&v>DD(XFu(<@Dw^f*%B#fZOv~O!4ZipM&r7AV@#wIoot=jQ4cTg z12^}l`34=v97;^@slJT5Cyt-`JQ?CDUF*@Zm697_fL2BZObId@9bI(OE73Sd^=F$J zB{`3e&)_!3t-P%KOpY>bo2eL-TdGf?9bRuiD}uKkBsv!-eBK##!!Y?pj+u@&XkLUL z$l8d83LLv?x>jqZkW7TzUIYahD5@%m5~7NML=`u!LWne6OKgeP6n`jbqT~icLoQD1 zAJwDI8xpr(b&IB_4LBOkP>pn_G>*?pVW=bW&5Vr>?A$S_ed7m*8sFE?G0iARmyaQw zue+|KIyt^|d|y9DNAHi%oo#O)pSOE)-}^hS1sl8DvbeFGrZj#sWKPaEEBvdg~BizCMvsQhj z89#T3blaD4uqIn3Jdq8*_PhL~ka&*P3CG*{xnh%DUbbQyls3X4$2$D^$ai1dOg;OF z`Z13cO$)42N4^}kOCb9l4Xx?ezNl<8@I4SLGQ`%{q{xD3yG1-Z;aLH7=oaNYn83$& z4Xj;(?yhK*Oc-@9+xW_)4J-AsBq~y73dXn)8=VYXX75uUS$mMBP^#31?1<=@1~Cin zv?$ttKqzgkX4c#JfK2eYXn7WRLDXfw?F18kVx2C+_u<;qof729Vfu3=sr`D=^FV(ro+HS61Z*UgeT zynv8v7;AjSfD@Tj4Y4`|U8xBOahD~klYWzdQ%y4+KQ{Fp=6`jlIlQ`0Xa6u(_w!G@ z=X5A0wX`2w*cXt}sX!xsE1@tM82}jeV)d#sjfS10-L3~`timc{fXQS=-4hqabqbo8 zDIN~Z89e`T$caq%CrYJb|F-L{i9mM!5$@Ia2ZzEL!J_=9>7rhJWBf);MBvnfs;sq7 zV66u4C2Q36r$wsCj@1>Z^y~yT@FfH@xI81{ZFABuj_KUb-QOevuZi9jtca>fzoX7P 
z>yI0u$uZZDD_?mClD*xXJ|QSNM0y34J)EI*79NTx_=Aecm(Z82Uq}b6EL(|W73y{a zRb*0>D3)o>jy!|7l7AQcF5a{#QF%&HYZjtu?b@KbqE?v8K>tCYJ2o1%XjMkml`f0J zj=`CsH8Fn-?>j2SVbla0REm0CP=&RZSq6I-ZcHjgP%=#$18v&1gk(bBl)a30DE0*?$nk6)mm^Q1MC4vNae$-N+QNl^ICP&ay?%bm*ORnfIEACS?13YDt>XWXDf08ZyE{v1tSf`8jG-Lz=$?EP7e{%^WUzE43j9PNZ-S{BHyzJp;5lldUcvLm#>_{ z{zU$KjZkH9wZ$;lmvImgJrnfBG>482Pi>K-h#1aX^}-t>8C?ja>*(wI&Ya`67E-QJ zfGSvPwj`_OD^a#Gewfm#HkSc^`O+a1fP77B% zyVXXl?nV5rC3(npV9RT#>@jCFOLirge$(1Wj{g5uoBd%{_I3NG+#%M?eg+Y-1l8yv z1$!XBP-$HL+8%T_m?ZlpKCbCI*oc+EbgH{*mhRM4C^Xyi7$Hb zP4cscJ_z?qD`^{l>p!;rdrW9#lhAxJIL~ z6w0UW!ku7=Je8YvOPknS$~5Irp;2;Gd(!#K?`tvd>$Z&3by2A>P$#>G7jSmo=Dcp#t`BNevNDCgcfJ?>?K|fczw~7zPHcw2g`ImUs_h!>4hyN%<^4XBo-T(cUDud4fDDAFcAGi zzgmer&PIG?3d#=#hRm9+eb_+A6cu`sum6MvYkPz3|0_3tSmuA}=1uc|HK#H+H`ewq zyr0>EpB1`*Y#ZjJy)FCyE|Cv)TjA3`{?VO&BcU&+#LJ#O72vPUtMAhFzwf6pJC7Ps zvSJR8X=AT;f!2pLuoG;i*J^-!*ju@AIJ|G(QA?(^r%KElMV8FM8H*XZ(`)V>TqjkY zvn=wwVK)vXx=a!sl5CP5uVN@)?56QLjIE=kp(k1;=4LTVGL6D6*D(*6f42!U?&*$cGKjM=V*mU`LbA~({`Li~^5 zggA&M8+3vY&`!pnVdtc<_Jm=z&ZIGhr7F;HArN~+a9R-#8wBt)D?u`X2TtPmhR<5b zWNWILav^-ae;##=30Kt9Bu8m$_QNW8OX!d8UAfv)i77N1us#LbIvr3Cg6Rt2vdJ#! 
zdZjI-XfbKAqY+bU;Rjcgg=cb$3RiiGTj~!?69$%|%@_Wvk@tTHX@U&+7bBF&4#SA1 z=YbPc#Y`w)3k%WJao`=XGT21EIzAQHisoe?)(1T5+H1Bp<8^?^p{5rwf>yUOW0X5F zqujG__l+K+!?UHJ+9V}S7ivGtBpVX7476If37LF5F^g*mS|GpJQjPSAc+J}%I2DIdxkWh zbr*-PcGJo2$U`Al^z?u|nfb(JKgec#5pnG5YceYiFb+;SR)EhG7dDm2EK&)ZhBTL{ zBqkeya?kPWt~Xh|^JfvbQICQw$^eNO5-6%u1klu#qy7)>4YHlamdT3qCFw zAz0cCXh>cDMr)y@nq(VMFtW6_G7Jl$Fw&@ytU1Y{;8jXK;`o%2IvOKn&kc-%-ZbS- zw1L!Gi(^_(%1)@I#bs!2ZUT*Y2C`qRZ_R&hR#ikbG!F6GPp&F@V$y2Ko(V_Ekr?#Mgq+-7K;H% zX%<*R5sn@zxt}|1pC2TB=D+asF(X-5za=szgbXzx8MFJuW|pXSQA+kB z(8(W=wxbCo9qe>o=+stf7}cx>IuPtZ>$2U5QDLBga?2l1`1y4H?O~H;y&G^LtMS_k zz`dx2Y!=wrPzcb839Gt7>mV8Xz9L>|ZU(*UfzajxGfD{$$qp z*zgHb+@kKHS$j@FlE&L)=JeIBJyk zQ*IXWAT;6xGxxf`+(Qr2OhGF#Gfo11!Ru?(BO)-BgdZQu*xZrwNd0svsmdHEv7rfD z9(X!j!}(&rtSvqV}XjcvKGsKY}QdMmso6RQ7hL=SP+o6wN~+#cO;7RlaLNv+j{ zHa8xsN-ZX(Wp3SApq)5TX*KCzUMenT%|%{kBFgrheNj|05>w@SV&v8T>E~GTyEK>2 z?>UYB3pG9nAKbt1DeXe_ajJa7W8`V+7iB+W!qaVC9?OE)ziVp&eRcv}*--UAR4iQG0 zf#MzoBFb}tSqi${bT=*-m9F1uKTJ5|BgWJ?h->y`gfu2$1WfhFg?(}5PUg_U2(DdU z%R)AZP=nKRbAA4~>j8D5bT~%;X#;B<2OC0P$G+b1?4&MDn7NO*X54R4M=xUFK%PO;S7FCWW2ecAlkSAVI)6&$aZKN>3kOU$jb@>~9|_kK)-+25(7z zoC4o5$Kn!ff$^WR-~bFwjTdv<_yqpwter)lZoU!A$**YAHYD{}I{}t8lz&vM32iju zlru_3MD(O9e?#ys`6O6z0{+ic{{J9O5BJRfS^BP`Q(AFWXdu|95s01747mC17^Dy;dxTF3L?S!4sw#U@ zI#%~IPG_mxB;_snwR4Bi_szlmcK-Sb_=($ozk358qv3@isWEZnLOwf`O$%98%DU{~95TKBnpaAR*Q8(LoyNky7KmpZ*2+AUpUEw>nj0AX%Rm|ezeV76-L^& zuC!ZUGG(q2>}2F?Q3mZZ!ax5-$>sp3qxO-CVKbsv8I4|_^_TUz2^hMbDupH)o%IO{ z%E{CkjTj5fM6{znd;Tx7nuX_LSW9t=94f-Tu!bADMtiS&p3OdYTp)0ju3tBJXBxL3b3twrAKjLkbE!LiEtLHzr(7>MAREHN3s^ayt z<5^V?KQ8afep)SkIzR8vjA-AhEyHT&st1xft+yNP<)fcsTVN{92ukinZvIJ_;zo0x zA|PLY83ds;!lI>ANsHJ#_97Jjit3Mf_^{NQK<2iwou@UHxxecCP0a>`y6n65xmsBW zvUzWaR@0SRYBIyqh+~*VS~WEF2dE5xW{k8y`-pRj`vJuRz?a~AlKRmq+eMakQ%m=C zlTMG)M2S%5Q~JyMEQixdZzrp`-qH*|*Js}@_3<_QCFWGfxS3^K?AS(*F3H<)i@hh> zREx1tAA>baYA3fF=}t$0PMv&Y!(2~Vs~ngPrFgvq@p{JeuX}GV_l^Y|p$F$CHi@~= zvY6vP{h-GeDKjwD*zwJ^@>Y0zwxuK5sgp^$(~?iC!@$EeEoHS&nm$#b$24j&rys;& 
zMq0CidD>WT9(wc&b5QOmrd@xtMyEFxo7XZIxEf^0ZSb_TuC^;Dg%pd|s$EDq%i>2K zdF4fUp-!jB=yCFaOZpeLh%;Og)ne|^s=okQK2QAi3`0-dYos z?to{o>N!WY9HaiN~>ia=bR(j{-ktb3AF?MdTKProG6+q5YE~}G_bKdbYV|`!B$V| z5We&Y?2AFJkE>gsP$)d4qPt*3XGk!Ne%@6IHA837B?g_EK2{jDQ>;T#Lu-Xb3vZ~M zc{Ji?SMKK2V5lV(vjTTn$BFe#v&!){4EjKlyaeN|F_cwph0exQ%#QY|3tHMY3LO|6 zbRudKo-z@M!c3d1mGx#|Lb6U)HAttEP14*Nf(c#gx$q`5?&q%Jm)T{*_M^5))uQyH zwqItcy%J?F?rDHsv#t8f<7W6gRFnEzvh(nx*vdjs8@A?6!OTBw-2GC-R_@U=zMg88 ztJZXx2$;kiv#^d&$ahSLW~stqOZ=PqIB$D zIsXC~F7gp(xuYpeFJwXb53mBDU8jiLrMeKK-{H1ky8a0SqB;*iqYQv(GjU#Xb7~Oq zstBMTBo=H>1sZDP<0g~cX~sa|;V_fckhzY5Nj;vhl#)5VT*pZ2FK;mp#Js&lQ%*>f zXrxZadT2`4SjBdNPFK}{!Y#gtg+>D3Tp|~yV8F;&n^dw9y!w$&vh+i_(xU)EV&`O) zS^Xg0SQC7%8^`OhPW&&G&6PiH4nclP&6H&?hBeJ8=G&Kd8gYlO1MI469oLJ!3&AwB`N#Zx{GuXTjX<}8Y~37%wj>;g$0QS zNm3bG;gI}gzw#n6Pxl%jh!4L8FDTjkwOlP5OTfAw&v#EtkP{s73a6cH%_YpL-9))- ztyZcjO(^Rdn+jGuugzNfW$_g#C#WGkG}lwXVUN2ynukf+`9t!RXsp#$fyUg&E?E67 zYcGstRHWCFe=5Y<#0nHW`;VeObS>3&qCmSUn3{RJt|win+!IyCk^>eH;*6zNp6 z$#2p#dxCEGSZ!w&l*AhLu7LIJTLj9U$BOp_FbLM>?>TZOA-etOMF@?&bKPs@#s#aE zTqA@9URllCni;L^y3FB4+@^mhJ6imiF#${4-Q{fwXnLMCuawfvi1_W;n#(Q6Wfl&) z)_&84c|r|yuJ1sLlpZ<{lxNHZUq-1J?gA`E3DE+`efQh9$s8w0J;|J46wMk`0q#ga z%ERBLBWr3p=*XbUKK%qi5;-U}lyJ;q#vJR(A?T@Gyp~C8+TFk|R@`{=)HLfI0jyl4 z-=LQRq9tv3(+_jY{1I)NqJIeo1yw z?@1t~E&k;0!q!cM)-6*Eqd;qj}~3la_!Vy?N96V>8QqTqVkWW*rd7 z|7$h>qceXD=FZP@?hJ<=+aKxqzXO9le#uxrGe4uAAGP_vt5Am>!2188(EoesAJ6%7 z6-u1q$Ork77MN-Dmt_4=ztJLfsvmCw7OA%r!*?E}@XFIf!w0&bX2=?$;2YFL)|ILM zyoIrley7Kg+f?JB&4F&<4NjC)C~rH$P<*4G6&M{>Ibe8ltbXgs{8}Cs(Q4Y4eE8M;|ExQCh5{`p>1a2 zaS4D!5q9wHF4h_4R|BbS{wd`bX|su$``@t(5Y{_X0zG!qo)Hc9AZV?MOcQYPfPA@2 z!a?Z47x|iUqUrDytj2LcWO{4SKnYmeU$=`SCzBT9=gITyO#B+|+&A@)LkT4AiiY;L zir>t5@g~@gC-57$3sk3*xWS8Z)n3$ISTydL)Hf9HiNP^Mt2NsjG{#yq`CBMweC{_v zCtC^j=}OKcbfBrvghy!6S64>;u9OS~3twgq$+kL63FqUT*q3ohE7w$dE3oL81XCc? 
z(<635_loRRQQZy0+J*12h#vk_nRe)C=F*Lahz{U{GG*Z;!V4eys8#vjVm0*#kPL9l z{hd}KVi#(W!6N*hrb3k zupq_(w_rTq`(_JhxVgud&lPQUO+vNDyrR;fbPwg3J58dd15LJn$y(|qO=xcr-)qgo zMw}?6HQB(mV)V~);Fy;wTJskEdF2W*TS?wH;G^K0cTvbXcQl||;jv9eR`UTO(MJN! z*jMgbbSm8TO;sl$OAQ)@Z?Y3Ep*7 zp_;^HuR$$6fCeN)3!SkQzxmMsFSOmP>WA!4NwkL=#Cr**WMiS}*f0qB8o6!g7W9rg zKM%ld>_!11|7)`#!Qq_p5?$ppA?F44J*se_=%7NwV;Yjev9( ztpGOpOHrv&>Q9O0n_K;$0wM*|^s>pz?cOkLGqZgR2m*KzXCkv(Xb{sa5Rj+UdPZ+@ zhX)iqEz#^Vq@`uT(*%wCbir3GuJX^WgPnHa7I=v)+{W8JOY(fngZLk~(>n>kX`v8P z+T~zCHv(hXITFO(;}&ZWLf1c+a#CzWc|{@p8P?mEKY_TY(@Tg^3RkHSpu#j5hi@Nm zP4WX;1?=3_Pc_Ch?so8h>0zvS3hnJ34m`_8HurM}>za|r*O6HhJoq6JB&1XH*v=&J z)7=Lh4k|h;HF<6y4;aU0Ht~GpF2o>gwr>o{*(HuObu?_O#PTb$k?P}zzA=sfCNnXJxWasV2a<0#{@b(4;vy_e z*}l3OR&9aW#|!2skx;N1^A06SkyP>;h;V(LQ$68&_l%4)z_B(nfqCtjH}N6S@d3BP zX_ag`y^32Lz954>XCuGskMl89F;nn_tJAXU30H@@OYl5yR`K*0D0~*^KbW@e!J_w= zsT!z7GoR=<&C;%?Ot=InJx!yX+tgC4rg0aW0r0QfZp)|m-jP4FB8>3g6Z%K*`6MkIGk+f z9pF8^3Sz6A&lRS)Xcdo*C@ljT{$Wh=J(*{AwCsQrQ?W1cClPsYHZMZ;I>4VlFQH-O zJblBbj;$8Y@<*_no4kF!MN41l<`xAw%ox~o+sv5=za(BDaw2)>`f`a5XOkga)omn0 z-xfhjA?r@_zPg7H3yrEK?$_CA&Cpb>!v#}zk*;E3&%_!!J4ba3Zm~G&Os_cvcVK*? 
z#gIrz`}qugc^=4|`Ryys5zKNhBS{E%*{GM8=EP}Qq_7j>)g zGWQNQ9HNCNm;}eObsIpgU-b7uJb^3H&GfdVus5A4onSGQ*D{Y}fv@)!y?^_8s7^)J zu5xDYj_3NdeT#WLrVvV?e(CNIj8l5n4T9JyM1`#jzoF4%zL&#z{1PnUggqDrHA?dVgu?aXiVRm6lKPQ9jz<-< zN=fqmrWD<7{7>d$nOIQxT<`?`}g8bzaK=X_viHpH$}GjyvOengi1 zHb?;@uE1fuQChlxsrKzKGSUC-Y&~#t0vCE&R=X9!3#7zkH@!zx$`TtTa8g=a^=xz$DlZJvCX z3su#wmlM=egd9Uzm?hj|8&i0UnSN_*0(PTM_~I^Btj?_Yo!eBlO%$pDAYjM(dp>bc z`;Dy?_yIq6aWonPWNimB)R}GrnwPQ^3H?Q%{TaP%LrVR5&@gFYxeRs~j$$8qhF)_I z%94`6LKrxr0by0g<6@Y=1m_tc1qmgmC9MC9@jPP6D^ z*lf;rf4=D%nltI4JQQs+U5ge9Df=|_WFN5igwQtJqyt%LLn`gp*iR1$6o_v4Z1TW) zrH7Wt#r5_oOXVrJ8V|83BgB)*K$tYNo%u)%ZH&E8k4Xk(O31mj(&U!jBM0TTmCO7; zj!+TJN{<=OVtJPE0;AHiR3RX{yuq#gzLch_FGJbSKv-v*LBywyT!K)@oSK%v=*TWO z%?m)Ig>k8lW9UUDzlyxFF;ps&<+4sBOZ5pI*xzBri+I7A=YC5bY3Tx&9Ga2Efy!R>3JIA5 zHoLfAZ-yQzFAW<$;l7YMojCYmC9)-3iH%3s6;ZteI0X`bIvpy@$KQu4dQh>8I*j4> zzZdFyQ8^8C+S)J6-7>+9$c7St)0!2G^POCwg}kPz;FS z+#1qQZ$Z57&6z)l4`BzkZQ!s0VTQMk@`z!8)e6O1qldd?;jsHlx>()wf&78<_*jH8 zUQy4NZA(qpf?I#=tnf8QY>6p<9jWo1iwqH3f-WHFtWh{I_M*g!vUt^bvx&zPXh^4( z>U?hs#Fi)=Xu>h*;RAH;f8|GVJ2o&uaAyysQ^(KXBpz1hoNCiiQ8&pPB>drsCLg^U zHTXShZto*%^Kf&QzjM%9{WpQG>}uQ2#Ie`M*|SO^c8vIiEEuNS+*bOtUl&xB(hJdA z$AfYQW*39j)F>6Z8#E?;+*<<(p5*wYGv>Tfxo&aQ?GBWVYvq#pmr7gJuZTzq^pPrl zowXK5N@7Sv`pZF|M}|0q2elLyXf+7b%=#3~k?L@<+i=%!25es@4aV79;0r-G=7eof z2Cec~rt?T@@Q~J6t3}XHd~<*8z2KXZ>*M14ecL?i^M8H4hH-uzxRLAUcsKKZd>tPC z6qWmW-rnEukK#TK4_*q_Hh1Om%oT{)D3iN2mWy>+AZMQHD)*8acB$W@bxvvgnnebS27u)gs@q0$cd9 zZO2R~;MHXtudOvOelHtuhvQNkzIofp1|b(GivS*T-)TI@Vh+;CPsu^G5s1h~u$bGLXypweciZlB zy4kV5*}=Zqnf&hIdOJ7yE{DLBCe6y!RkNAk7eS4)<_&qbR2n?UNvT|oq%Kbd6Bx3l zx-Z0E_NKJm5(@gZO|G`5k1qJ<+&A zfaHIWno;l6H))f{DulYx3SnSfS?r5SH=6@>2|^IMhgx3W4A=Ehvaw1@wQ@}jX>Iz6 z5^@K*d+G9TlCa|0v!}?{D(9z^A5{?l;(T>PGmm@O3WzeB2~ui<85cNtpe*=lvz4H! 
zU?^pdMWmsyxhd*1`g=pm{8<>aM3CEL&Uv%GMj9c^W1-K%a?FmZKF|@C5Uw&ulm_eZ}f$(nfG z5zNFtZOx%Ygj}3Ut^0rJ`H;qr^OYGGT!vvDNc1TerRmg;gyGefIPHhvrsDuiZy+rs zInhoABx^jMY_(4~zvB=2kh1PYxXZu}{9SrPFgP?rN9~)~bF2bZ?W;B3F596>G?DcX z|Eff2spv{Ltii{)s>h*fv*XgwKPtZMh<8$noERWxdmso5I-}sCE$A>nn zg%w%fp^}Yv5!Rhr4&VQYi!c;YC?|k5y#p?E>~Pc0P3&q>IYo06D<)^R0US0v35CW) z%F_*_gds2UCST`*Q0_y0Tupf21mgY`9a_2eG5!352T2=DI;rQ?=5?VioHrzYDOt#sE>hC@bVDq( zB-i5Im?~NenJ*_?+E5~9p{wo4xRobXbut2(ZllF{H9Z0*h zl43KNd>g>b(!Us3UfLY`6j=QTAOixrv0KdvGWf=0p$MKxW6DdS?)Y;{>FE=FgbV>_ zGaGH7^T~QzhWxLHGtFAM&)PYQ;(7<`h^TGTi&-Kf01ZS4p*Ztb_l-^hH=UzL8H5n~e*ZgTUI8cWN&SFOf4#1~_MA0c;`nks zxOtYZ!K)))rWLli;d69_c&mYDQ6qvWQ0{uLyv{lCNytDy7wF0|xqB6Y^a)L9eKZSw zysB+kBu%-I$Hvn^j;AVPH*}dO5M(u*Z&|t3)Fcy5l_+jEB0X9f>;m4%h&&W zUh?+kqX&eeN-Uey$$LhV<)Es>7s1f@KldWU{vb3is;XmQF1AHd{wlJkXHdrn{W}iC zy&RnrwFPjgHRtZv=@4Yx?n!-Oy4Fw5E$9D%rIzyg&r0sHLI^bn36d{{0bhgs$aO(A zcWQ%J6011q0Ie1-?=Ca}#=l;nRt*}~mMJ)!moY|Y=V3sZZEnDVB5fn}5X0m`)?G=V zc8rqg3XrbNL6ydxPgf%__t7|@^O!aXq(|UnO@9ZdRJl);rKR1kYgKC$e<%AACWvQz zA&664m#C2Eg>E}2+Pv_=UG?IZ;&8(eV)tm{SjPbp_$~Dvr8Lc+D`X>#*Q6z>Pp%Y}{5-r{5zL z+4@$%ZUKJE+&pE?g+Pgi{#XqO&|)g3hz-)HD|9GlZWs|u}#FHT2x#d_@0kVURqkAi3{GVZo3qGaoFlh2AUw^ew_oF$GyuV z^^9@(-DlnDL0DML?fxM7bhdyMueMULga|Swg!#bz+!ZSu)emjA+$|UR^DXhl5bc_m zehm@64o0wu&0w+$;}8*+M}2?Tl5;9(`Zb?@3gx>|L*BV=-#!kvZnO`C8%;GySTlzx zk65#scKAzh6KJA(i%XC^SN2J2jq66yDk9|~hybAXXYBmL_4~@3K;TXr7$EfGQo2;> z1MO<|4i`W|smXVGI5-{P#V9$a0iT+Ns`)q_!s73t`$lA;%`j)d>KPj5(o!4m4qaud zV^mxw1_9D(GqHj}FGOZ!ef<*~qc+MdIEUy7#%9wbfSn&nj`rNo#T}j;dNKsPRnM}4 z)F1Nr;cq8LZAK6=kkg7w>=HW4!IIg(Dr_uL9;fvH#1eV0?JBiOixP|g*ZVBk($3Hh zcPtjt^Au&}Bxvp;^||5hD8DLQ-AYvz#xty2hQ|jr%R}EdE}C|dnmTj`MMDiq>F)#` zn=XcF-64MDu72C_;W&N->VGz?r8+NWa$zD#kzayq#^`nYw}X$O!!QM?`7Y8<IHf4?x^n0RTBOfg*ZBdu14_IS=4<+)hytq4lr*n- z2zUkne9Zmp>ipyH`~a+;AO0Uv^j7LKM87|hmQy(?c&Hdy82@08YneHW$a@dhs9O%z z-`2mH4`ez+q80WLn9u??Oy0OEpEz$1r94R!1{UfucxsOatASm0W#X z&j;SH;Y0BB1uwRu$~MJ~!Z<&^Lqk7(;ND*#n3;F^h#((D5GRHBXd|@WwV|}Fdgj}y 
zv7v7mICESpt^vZ|ERZZf&t5uTW+K#Yp7)_mCY7ne6DkC?=?g>tI9R7yYPDk9%To8b zvKPkvh_>p+#3g8P5BrOD*x=A61SXi%ZxhlC*q8GmQqS8f=;i$kL>O1?Rqt|m(B;#` z5Jqz~Y2}1ZGNRsk#!yMX6+}(UuAP{%$?z9);PI_^$yHA8(#>}l zn~h&LG19i!tkbA#@eiHNCI41FU)|H-0mDGS`mG5G{C2t2gX1?=CnL4U4u5}s$|`+z=eO3W_TJ@k1){+vi>>3 z8DH|ZVkYT6~S85Y#L8YV4>8!^J5fH!_w;{XqThv zmLuw)y%zhk)r28HYpvy;&$3I@giTftwES);Gp2*&m8ko{=uYs~he>2mpi(PTtHQuy zLSSZHiLIg5CRxinPG+L6lx_~f@>7S->1wir#ZUTG_X%EggEz-eKQWF_iA1n13^Q?dju^N>c8O4Q||Tt_IkOSeGPSr z+R)cQaaIg7%lC1MJ)0ssM6@8bhIV*NuRwkEMu~$>L=(mdrZJT;`0&j| z+KtyA_>l>vc4uSGA?zCpk9f%Y)|hpi(WR=s8nL#WckMOvECE&lf70i5ECHkyMuRfW zTTGOG>TnJz1>LrgBk3uf*eT`%>AQ85=$o+%C(w5HOQDq~8XoF3)OGZmU^A9jdH1imW&znMQKz zZ#KMJjn!fncmbtp&P-}+T%RvwVCWMQz<l^!QK3b2fA`nK3E`n8;MFp*eo zedi1x>r1?u?d-FIE$z9bwDDheuP_UAIZ5SI!JYIy!!ldPSBKJ$3G9q9{4F%U9`%iC zm+30CeExk<#mZnC9ae3pHcY+t(zcg0MrrmGwZsoNR||-|EM9yyR~u=8u>RC=q&dVL;_0wt? zrdr|UE?#-Hb>~V_WUR;hfCL;FJS%CeAe=#?*amL2H5^YSIf7nF^R?wh8ORM%=%=B= z`MaD4;w4=`VM;9nu*Re3SeL#GL8K2;i3V#3bHj+F_ns}Pe3NwkL=1XGoxXinM{g_m zh%{bh>Ss zU6Uul>gDhwMtk!J+`34Xy0kB-Cr%Q*wFktkku_1H=UA1GnsT_%R=QN~GnYKkxqVl1 zF0RuDQe<|=IK*(U+H%buUxyJxqv3F1&BZ5rVPqe3qZNOl{ebiHQVb(X+GYb*jdQO- zfZ)K6yeN>bl~F>lt7ho?n*PD!c#YP`4lFq!P@!uEEu6}94VBGuJ7DUc_30^PC^zS0 z^Wzk5eK;z}cTl7)i~BB-t$fe`Pix0qTXYl-jK5&zW&1!1TfPp7H%J7>*#J9~yPYO= z`>n=vVwNdJZpn}MpUzmPaXVwW9KJHIpH3fC>QjKJqR?te(NuzBGKf`;ABBnoKvEd<65#K!&e_D7yJ<{fV@} zt#JgubNWdauMKmLY)qzq4KFIP+<$vX}R>O5Q5B8tQu=!a=LmHoF~-HZ(Y1H6cB)8Op{Vy@^Ja($|@Z>vqEK z;!e?N4w%HOc7xL2TtE+oKfMuSy0&Cc{CR7rx*stY;`vHGrER~VAvk(UYx~6}6*<1_ z)fQ3iYu2G&U2>O!ZMg%Q>*6+$H_9F6Chjy9YkO`yGtHq*PYZRfr^U|JM1w++AIC2|F1&o&oZ zHeX5+jNQvI`_Xe3S1z7if#CH>1w^VYdZ@@bITuo9M-(e>B$8T}9k| z)ziv=D_TC|zdAkT0@4R}KLPR@?K@%VhyvuF=q~Sx8xgbr4*+#QiofCETf|F%r`~CUg~Insf+vzZ zT;cHD_P|2oyDiy8PsSG-Pozr57bM?p<2Ew3bb%3DY60^RBuP@S^RYDRB|Wr8!XIzQ34#sxc97BNlL%edq<0K6>KFFe-M}9#>w1iMK*&&PAIyWxPSUfbM_YDOr#j78MfQ* zuW?06c_vHUJ0(9ur9IPWMoNGtl=|Fl_fhI1r9gLEdTG#6s?u&5(MYM#-FA-)I<1uG zZc8mKI%@DcWk?4~jgHfj!(~ZFl^)$~_nPc@Y0}-6T&i@`#B|G=4wfz*Z9a&UIUR<( 
z9VVGj_Vh5_+$)1Rifp)KYHC^3J*s1Pz8T+r_T_kU#C^;up^DDC&qiu_?zTrZzeLNl z?zV?0bE8*qY+2W2<*ifvHB#m^k!YkCY;W1uMAB)+VO<&65f=G9p3z?{Hj(1kn(e#o zu{4T@g^(N1(s@DA%{$g3x%++(oLa){TzOPl$GruqKD5g$)1OI6XdH2*k@g#zkDbBx zMF&~kL9DtBp^Ny956+y!eSXCYrnahvINTJH8^k-tkmVgvcOZ^lxx-K7J+@-|qTPc= zw{4wOX-15`+-V5sb}@@tN+$J)Q74`D_{BYg)foJ9B9`{x1IY+6J6i1JcjpeWFaY&~ zspnL2rUr4Z>DGd%QCF80R9c59-3?D~(-4L<5C9p`2aeqWOa)a^oWKUM-`P>ZX(7c5 zTwoS7Vt}$k*Vx%g_b&BAOa2{V8Kr{Zon2m-Hym$)I}v}!a-y;|+fd}wL5|>*M1&Xs z6hW8ha>Xi5(ngVFQrxnthJcBc;QtCb=CKD3-U5sWHQ2Zz(-^L3%xvAzt;L#YL=tVQ zF7@0TD_+|$vrKL_jo|h6DWo;?MWa>Er#ZW2#Z$#sGg@V9UbC!jD)y9?dbY2A*lQ5j z*&+-vkz-LzyoR`z5mmDQca!z6kXp{kd8qUUL2wTPDKpnf?m6AC;+(2}po2p$D@66q z^s+o`VdK~+oyC1=aH`%|ykIA^It1a073>zVdIA$ig`;JoEQYVFG~=5G&Jw0%L<3h%fMZ*wz&Nij2L3x5L>$_P|sN`4$@!X2w zv6Emg^Rc^&Lm7`HXO;R5tZ2$ciyZib-57@B>h40Q7~@OY7TPIW(~4#_tGKFp776il zs*Twls4f8zu3qG|tPW`mX@7;k!LZ)|vTd5AkcyM_7#LZfBR*D=OJJnIAZ7+n#lw0G zEUZs}gEbZd%LgfliAO2;SKZ9R2*oJ&RUfidgk~7`Dhbsp@`X;4Y9gXlwA1@YO%XJ! z2*o`ltpg!hjYY8njH-lfa4-a`5io|y8NiQ|{d@S#-^a-M9h31pBA0iBF+44YcVzzV znB3J7eN9WS7@3XxD1A+HfhS}KCIsgvJM!-9#2bMD^%(e1kAnR)7WXNc@S|WpJp$g- zV_-dv$9d|YI7O%@V?6C6IK^a+2))uZcKDkAq<}0>5Z91bI4kQF?@P5^hl!ktl&`1hc3IjVOU=2(PFY zi70{Q09MhXqU-%z+Z7U#h8_uJ=#dbHMxqO)@{43-p%ynNMbAt_73yLJB}r|c7*Qx) z3Q9#1dK46)Q3yh0k&;%Dj2_g%1xg^Ch8)zz1WF+LAk?7bT&BlB3wjVz(Ab31F$h7a z=s=0+*w_+~fh^ijGR-(DP#5VZneZVHfkviGjY(Zg#?84$T25N}*+YQFZX!2R3nLHTDUdn8v6wn;8qx)_ z0G>{2g7p2gj0i%GhkTPHkjBt)_E2wL22k(%+Er$_qcE6QOa{%3@ zAF(ExY9F#qFIr79#Rs9~WHuOuSaV;+Wz_17MX53P zGYQ>DM5x)vo=F*E6rE-lcP7m_7ec1##hghX+mA}~AaUx@()9hqQ^(=UjK-GfAjhQn zcRn$$Oyc27#gn-QmQ4I|8-*kD|FL)F@ljLT-}jU!;0A~yE_f+uTj)$%c2LpM7AR|N z3#cHNPVUTvW|ASvv`j%zTycAfh>9Qx0*VR>A_yoh&wb&E3W$QDJRTx0D6Rs3R>)1Y}=W^8q17@Xqut{Kx{DT~O5$egr@ zQA!eAy@8m5f)4bJp+xWr-__C@0>jL*6)TK)W9I=qnhMNyuK$SENjuwmK7ls1dNGjh2h4RIlQ zqyCqmnkn8au+ns(#>Hff%OSQJ)I=PRf|FtDjEn2q=TXOP4rkTkCk}e2Nh3?4mXnM& zC(06}UqEJ3)Fn5&DklbF*ffJ%Rd;MHVKr!6-J6NRdk_*~()Ec{a`Ftx!Ep^w!ucr4 zW*miVM-@4wpF+^Ule8YZvRvp=X-fNu&qSOEWW^e#q=hY&16+p`)AF+fuo&SfE<_ze 
zyJ+wVizeiHETPRmDiHpH0>QFZZJHvyHWKPRt59@CuQw^}!LgID zjSwp)gE20;Hb{u+I)<(q=}HH|nHBQ1qNL*LQ5gHPz8C^|S1w#!)wYKP*%v9?PCo8ssfGTs!il%}L8$-?@ z^$8(IYz?M#U?QAaf>0UJ;8X5qpGuP~df4kaauz=o@hIc=(br)$^7mF#E2%SSKO=1q zL%`}3^RZ**u(5;a5MHq!<_2Hc#ED-WxK>brkaTcu{bMqE4nV|1nyzhAe1b~L4mZX;cRiD8*qVbDW!q-k6rj8m-0mrw$I@_nswxC}I>85Ky7Ql|(}5rPX1 z*KZCC24O(!4Pr*7IC?(S6d3N;3+Z3IlTE6dc8|ZBYU|o7GoweTrbPRJx`(Og1A^M@ z2gQz6GqAA6$s(L6+K8y6WQJv887n1l3Is#sa(!xIBFq7$$bV(tLAz;)Ts$5IVyP2{ zT-Uxsgqb}-+Kec}{j)`snM;($ilyFYG8xYl<5mUZCMFh%W5cyzQj#(52_JFKENs10!%9Xt1`*R)45MdiUCeCSdY09RN{c-6io=kL{6a< zmg8y9gSkx0p{~ZK6!LcFnfO+sh7yH}Ama>9r_*G@M#;j(w&W_TkSQ{mKu}f?(nc091E<3Ouv!Rc*?w>Z zRAjX5BpBi}q1uS9p;ju5z-(|T$OBpEwbbp5L?AD48WiK%G`0c9F{D}`^yDu{TDLBa zi^$0cjGD}}a)#4tGvUvn`o&V@5VBXT!XRt`s08CLuilT z-IL}HW6+V39T_w^DvNR`ULI8-#}~?ysws#Aq^&SvdO$@4Q3yYwn6?6yqKTGDdttc- zr>UcFI%+#nnO6Z9k%?v$5~`tOv^pKV2L*YTyCg~2IyA`ohT*)^WDrC}U`XpxOZ}i! z<{cKNp$uYXl!&mSKoF2)l19p(LJcYrL2|YMO0h_#ex?ZGp~7K=f&v1vqChn&hnykt{& zuotmsP#mt@2@hEl?AW$x=Sz4&sbkEMI2_p#?0FIFK&dPl5oV?X14V{hh=d#mmVJ;i z3nJa@2Ijm5@0MtW!DlWQ4!?Qrn6DB8Ko7WBV=j=NYH-BrK?Wk zln`==k)tK$z#&ntb^@@s_Ae%7m1262YnrM_SMP~1OYLoYEVf%O>`NVUd4PY z!_WvLo@CT3x9zQz6p1y3Q$eTPPPzHLbln(R^*I&hB$*lg+xdPlF(pO4C;4C^`hO?# z|IT0{m;D52flnV~(lw{i%+Iki@qm8l)we<=M8LTE8b=ZUe-hQL49E@! 
zW4+6rE}-w~WCab#5}}Zvg}RUpYLLw@!c}3rVgZV{)Ek@C*_WTXPNyu{$y5t6LVO@S z&C1XA+q$lIu~QBkTP7e=X0K7JIVp}lnVKI^R!|_tYq+>8L!crxBvcy(8KVjeK;Fpn z!uwdDh0*ZGQgbjt^MevCGgCz-QIa=@^f<#uV%8APM{7He7|c@(e^P2GRWgpnD&4tL z+E(d^v4fddeulZ@Ej~~#374V_C1wA3$~X)ts?^*FGXY2AD6m+BvC3xSRAxVOK&i|d zmRW#Jv#CickkeE!D#Ok%Mr9yhgQ04Zs@G<6f>T9vx-Ftm(I*ip9ufhYOp`0y#wTGM zP<{ZaO%OtE5~a?FIJ=4P!VPmON@&2&CRwuZ7e6S#3tvS(q8cZ}E0=jrIcJn7q~`fG zNEf8ffryMs9_nNWBP!LU3G#mGCoN<7ImF%>TUHXp92#*;P56~C%ptG=RK>}QOI-$AYLY${=A4vBr7~}Kz_CGC z*eZjAEc%BTNSB?mVs698WJ%^>K@g$p#!F>U2(ZQ4WDKeEo<&B7HM6Ui1V{KtjWGd>2)=EW=n@X;tX&xHIsWF@adjTKlFH5r03v0a+N}M)CS;}TO z8cnR_1rh|as;j3Z=)m7AUFwFp03kK<2LE>Y=%~~(5n0&{L2DH^NX7`*v}X^S(SJq5 z=AcmPE5M(ypL`;$hN7_%XlSTqkvnZ-eT9|i-Bblx!b{9)n*~KKlya}QS~&EPtw8Q~ zubaU7meUqMpGeIIa5$0Ua!TwAc_4i25za;|CpWWCVaO z(H^MlY@8)xB*(T+Q(GhK8-xx7!_rSpa+H+rGEcp2P+QVk=c!FmI3DPTu5-GU1~SG} zR+!IIBT*GZ@)yk(wr%=RA5`ZGg$VtQR=FfPn4lW2a}2f~;6$sIN();$3?dew6w5$Y zPK+QGFv6q&AQuSZ;9vZK-l;c^KCKy*u|O5nsDDF=BgDy=1}Zs`L%1$=;y)b9bfS-A zil|k%Ru15(r3`)25=Dr>5+#H^le(FfjuwcjoTIZFO1Q2u4t)auo%&RR4l6_`LZ}&; z-G)zw%zJ|1=N!;Q5*e!>Kz|51dlQychP|3dSXMQOi@=Q32Szli`pUyQky;%|m0Qc` zNIZfAwS3U&#E@aUX>XCPPG;obuhx=s0+z2jD5JL4lxWE;H|g%@I`%0xV|v|Vn_Y6D zC@7BX)6``WbiOYHQMq9m5`08#y&|w(39)UuI%GQ+rlg!j)nA}NQ6yzM=&>9fKQ-Ar ze+!7R-7=SYK9Uf$5+lAf3U)_9FmfE>S3*LyE(no(!RiI z4ZvU^gfoH++eBvIYS5`SxlL#bLB!vXGAslEtcFS)L}gV)tOK!lPF01F6mjx82Wi9< zIzgh|(Zf~-Ic;SiD~@bq&kbo0uo&^3?N)9Ff6zHMKR3V50Y4>C>%qSi{byR`>HkZD zN$eyJK6lb5+fHFL+&lUdIw3oH=WNri4?5>|%FWNx``js8@4dw`-^rJs4II+8Y!pe) zplY+tmq-L+uSQmQ5(P{qF(p~OX9j|i5TWuGZ9mJ7t&tJCK`sSB105o=0z0H$^ah=j zw)0e`ZxQ+J7AuCP7}Xa#ms{0KRG zBv29NBw4j4)g@^w93O>>fQrQ%x-zoPM7THzggGe$DbI~X$x>IK2sstsPeQU%fgGw- zR>LKUNp_C3Oc`BSCo7F8yf}n1py16(;uM049PtA%m>4}%iAtQPOWv-6Dbhn+mRf4K zAiHoMVyRY1vHU#OZ7JRf4Xe#RUH1?Wws!^4L1Zee5MV$+olm3d!_Ahuv+*fwaHiLWxhhz%`j{TLXlGqSjFaYaSmdu_I1zGAWF!Z!rUryAEZxR2EXs z)E4fo^BUf$7$M<&J(}5(T-(>Xh-yt@W1}uv42TeFGKk7a4_|Ik`dp1#EOM$Q1p0__ zpi1vMj={l#b(`82byH0<8lnt 
zaM)UiK!5z8LWuSP#gZCRpqXi5e#V(5X_*>}MrB1a%O9gzBh?tB5X~3_#rRO<640Ch z$7@|OazMuTpsN2*(t>J+ACyE4Kp#O0LPf!=r4o`C9BB$c5R*(i`opm(9KVm1iLhJ) zcp2BOg4IycFoM1j7-yMXT`zN_7?2}TMUDuT+<&x5oXXKMg^D9Ho|aVTn3sKx8n4i0 zYPlg<3-h`{z$96qB|(ZLl|v#Xv2|KdjfWgbR>tYqbq;JRgrQ@^erV z2oA2xhO+jPQ$a?4h98s*5kce>F`i@XxAB}K#h|Ph4MB#yybO>fE2u^KsZxYoH8JmC zMia-8x7m*9`z&r&z~pKLxcC%5R1zH%yArXH@f$QPSBVj?QczX`kXC*|k2sEw3N?)! z*M^g-?J<` zaJ8}oiu;t4W@Z0DgXYM2+){gd#+W)9IvnyOxZ0Qkb-jd1(J`J*RBrV9por5rtm7aK zh^om7EsfRuhKx{wchI?RNYnGQN%kHnYun^xz_11fVA+iLW(+A5S z#{+%m=HNd^D1rtZxe=2H(wDd!CV{O(^aa`(s|A7AXG(v7$RcN9A0AI+6ab(I zV#gZai)Q<|u0XV0lM)+@ATN2sT>(bG*sV zs5dwAtnwHdkG0}YkP}r1vh?3_Yjif5jqyEP^&SLAo}e(%7gH)l_0(V7WijQrjt>kg zE2)>PPHz9hS6x}HKb=%oqaVtlQY{3a%Yi|b4zsvUe=+fY)x`ve-@ubZH(#Oh&;YTb zJ`8I;498C6RY1&ppn&iqL|dO@r*H~J7J)d8xBk&LX!kHfM7M#%#$s%e`vx`#IQ1j6 zjp=UU0E~u%Y`HS}qkYTm7Slo)4THYrhK6l!O-DNdYPO2)tC=bgg&=gO8OBt(MwSFk zR@f`nWYRbE*)5}U0R~&{av&g!A`G}%1>_(e2!mvjqZ^4fQ2kXs(BX|7({k|yf zP-DxWBhpK{`j$Ft(lcNLL$}Z z{yAbL%&P&TCd|u|q;aj*lO8auzE{~7z5X;p!?KDfh3a|=$IB?QT0t}JETt^Vnd2jZ z^rztl?m8w_S<==Y1&L2R>Io)I^sHThB=?9D#_%yag?m%&L6)c&+U|o+y0;RCKN45R zi9Y;wUz9h;|Igz%wj1S~4Mgy;8Re)a&XZ}*t+ALGi_5p(^9GK9_V=ee_cO`OdJHF< zj+ee3V)EsvjPkWeT}4+_409`LcR*?OTJCGH?0Uic~NaBNzgfWG#`T2fudBNa8DEu+1si0EU z!sM&^12)1AC0X=qK>5%iX4wP#o9NVN45tmE!MT~;x^(e_B0)jPHv-8_rV*K(7ABCk z8sJa~7^EgSpKZf97f3@TVo)AJLqwInp2CeV*P;rwBN&I|YM-?2CG>QHMo2Ot%>s{6PEdeD zb}1mS94Pby*B!MB)&S%|p}}TokaAR!$D$?R>`0b~b%P#ORHAg#q*jZofTkSlN{CxA zRq_e}Dydt|Ulde*b)wowX|~vm%hp%Eiq}$1szVvqSaCL>VSY`(s!26)OWZfg+$ZIG z$g?anW=x7LC{Kl2j7$>>!_?ahRTbAgbEFyJlq&sKlOr46s!&m0hYNdFczELJD%BjSfh+O5WDhC8d)Bydm zOdCF8A??TpBWAcESyKaLgu&$Kd}kVKN#kh! 
z#*(sqXB}N9iH@)oc?cCYmFb9}&<(6r82Cq?ohYiM{ID!h0tm#He#e+C=RxHZNH&1e zvODT*`O7<7(vPAxD@1VUrVr&5xK)KPFDi(rz)C+H&r2R*fktpX{sh=ji7ldN{FsgT z$N&c{+l;|NZEW1SjL}pIkUoHKW;zq)OuTipEEOF!5ub^Vd*j?NT7D6tJd;z zja0)ad_if-{4u*qWmB2s!;LV^oEV&|a60~wWF%zF4j$__$1 zz?If>3=}+xW|y9Gn}Hf2^(x3bi;M>me5H3B!B;wNL>K+Ts$(#1Z_|C4V_0JC?n9eu z!Lke8m5)RPgM})S3Sw6?7|61?4=v6?7UvOz`_Q6UFga&g+=mwZf{9HqX&^Q&gMsW{ z+I?sdnx({(Sl5-vFbG!rHX3JK9D=C(M7yWXMB+(g*{h1peVCc)_h;h35A(nf(}KPp z07?Pb5iY{KDo`60RYPi(X^OHsPb0Lwp4^hSeeO%Z1H-3viu$Ih6q%}!QSpd$*eH_7 ztP@cRDiDQ;K(O$2#sgJN1zGr}KM;+v@C@>F1V&^fo@0>FU$@aEPo##AG%o}u5mOW> zX=3~^>RiUixh1okmwi%9cNsFDT8dN~#nza@LV(4UiQa`$HK^tk)xF2SyPCxd)q*NB zEf-xP#)mR2R)C9Sdth?*cbFTWv_vqiflF$uV$SRaJ7&K~kxg@NB90`{m~)&;_Qj^A04x^v$94G9Ne#>wD?LPd*Vnb z7OBGjnwT{b7GKFoBs=@!_Ds#QX?%jD`DDe1hrSo8RmVVt4p2J##S~Ho6En2*!?4u7 zsMxN>TkS14>>4&}{K}DwPH`oKTxLZAV+tdE+Mc+e!AMkAI3*5vVj7EksDEK8fKl(F zf2e)DpwuUeF#>rZ7V%I>13hmYks4H_mK49GF%|eRXD2SUX;*TADtt;ZhSQJqCQF`e zMh5YNBQ$$AKW7& z+!#sI6ofKL>G4vHp~D900oH#VDat|Q-Z#`u)u@PGXEREI$i5qC0c&FtViE~NtFwKQ z@1B?n6<;VO@ZR>#pHj(5Q?+rIYBbc14P?@I+%DHFC7~_Ra4EY}83!B<;4;`g^$=GW zRvIGj0`UMT*&;BNiO0>rO9f?s_zc)x^Q;dlVGu{Eq~0z%Ep)IZc`!T_p$08@a5*Vgp4{K__Ot2T=vTbRhDgl6nkjIHJ7T_->CaF1~GMmN*rY4Nw@RW!J zqyd?a6sQj{Dqy3?5ui$3R1M1rVkE#txqzTKppz+F072RyXB}!@4hUqExMu6L*>iie zup-AosTDWQcsn3+DjnUVbjk5p1${k3iB!W*f^Y>CdT`gMtFED5wCG zc-a!rQBYcn}q zP1hokHC&%s)d`QWZXXeHoLM2dG$-*sPSlrO>F`3g5CLPS+G4OOOu$2m?W=2Op7tof3jjtcACCjwC4=Dh4z;goEpiTo1J1F@(NpXm+Hjj}xVP)rES;^*4L_F0{ZL z^u9`$IEwxN12zbG!y3?y7{C6nt4d|QJPHGT0>g6^J`n>bX^Kl}tx}oCz+rf+pf)RT zEDf6=_>F`M1~?5$u93<#4OWshf=PzZBGH&+Au}PxUDRY5@ttf(G;#eZkN_MnsHg-A z9$Pdu9F8(K6cqiF`bu!c{RTu0K>h6?$yx_v>C@;zjEW7oYFXex3_*D4EI>k*dY2&} zvs@Vm5kb|sD(DC0y24?NS->+X0aTnH@*pN@f^*oB{-*JLGz?ZHr6dT{SU?wwQ3d*_ zI^?$alQC3MEhs9J@OAx5VGf6MMS0iGV?0-hY{|qRZq#>K3Ye-8npl@gHbamGB*sa& z5H=GKhmHgTP*pi4j^P^#*dOjpFy=g@Nac%gQVbDSAO=8<1<*`!pi+^mpk(AE=+dCV zNeKir901P@4P8Ys8#2KkG;_Ek9FNw>K;s19X2zhi!3A{;Em_kz3CK|a<&#(j3}fEw zV}yz*X?`$7W^}RQNNl7kBOox{{b_+ 
z7L7$RUDMrbsS|{fCSbU9q`)A2U^LJ%2`_B>kh@!?b)Fr9nrcR6VtJ-BMxwnClMNDf zXc}Cpa>PoJ{9u45QI&~Y(xtCk=e_vmFc92enP+q4C1AFhFPm8xIIBlRb}jq>lfNNC zpz_T+3YcStx$5*y%%=A0GazPAlYHoNzI+y62tz0#y*#?uSQ1s~rSqtAW`9sZ$sglg z!seTU(kvyicrDW%lP!qwhV0LOAyow_Ic$P<{#szA|-`Eu6t4a zj8kzLNg9xV%w9Ack$#iSV`#REK$Ge;3Zyt5%p%L8!3G~Dsv*5w`jJQCDn(tOTNa^4QEkSgW0iEp|bx z(<*BToTNQr2<7k^%z;8^Q6L!G(+S+DptJMA4tRU;??%^q_<%~?KNy<|zwq?fIiR?H1*aru+>l08@h zmF*B5${JfAbj_W&HkL7}qkfUoz|Je{qc`cS){X+s+yj6Q3B-gbTeIH`T^HFO^snUr zA+?3pdT~IKB_GMsH=H*_@1~){*rvcqY?>WW+E8n)y>Mp?%Oqa#jgzsmDasBSGSId4R+sGGwT+KmamsC1N(TLLi$WfDBKB(*j|r0##;O z?f?jqs&S%df^?GwAR~>F_>!!OC>sm6q}>w>XjJ5gi7FVA0yxG|(BfXA^XeQFkX1v) zRyrYwJqf0DfsLiog@i0~aV$l{6mk|Flt~%EzA{@VVlZ`>r5n@me2u=Kt6N}C2U?5MY%==T8(U2y|DJjHeEr&jntfk z;{c(ntC#vz2HXI|4T^|dj=tAxpeXA9cjDMCrf-Md3n2-o^$RLBO_HpdEMAeLQC3As zU+dY4y+>gnN;Onb6cEk!al&P=ULhz!h0~DZla%fhf`F^jRNGcadmyaK06UrKlzQaU zmT4yxkU3Fb0d(^+P8X^Ol?{dw>~}-H7zx=a>;r5{5Vj#;`vCUb5EFqPWEF_fu;t5) zg2muXM$W2zRIKf0qFAWNsyc*{O=Sk5U0^jZ&~6?*i61?QC+ptPlX$Z0f8iu<;bCca z)zHrD#zjk~)84>fh^&!71*BPXz?%&e)H$VbhOP( zj%AjON4Wwmm6b-TH5rRkGhPF|pQ(}v0sVKBYV3)L86)cl<&c8qSUYVG0%NAFb8H@J zoFJ;EEUic`znO`8kcD1`)gll7=dD{t2Ap@xl$ls+34XRl;u{YzJFJqqT}y(X3$VT99LG z<3REkVj9*kRE?a~!$Qb_bfuxnDD+0**-yhbq?prUs=dfc00lHOpo`m>`@^AeqSi7# zn;5T&j*u!U>tm5uR$0ZI#0zL8V0~oumE)%*@JDjY#Sl}Ol|3hYXVtfml6O6f$9@WgG6m~8Benyjm3>GFRCZL>MEd!e;`}2vCutH#6}(o znqv`_d4H0H?wu-%c9MA#$*b9x3oCAc^(xUjT15l*4bIF}bApJn&;&^pc(2{(EL+gi ztDbdm;8AP97qd!WZIuV7k+E|6Sexd( z45{sH_UZ~C%?b-3y($af&zk3FzZ#&R0jQ(K4#HJY@XbnMVWioqIHQ*RAQ(jMpqK_N zWmkxL=~=t7RqoA=a1s}SK7*{!OfYps@V8!`82~Nka&&+E@9vK>S}G`Ehu}jV`{WwA z>2-IAt+$Y@(5I3)BX zUYd-u0wYljr-Sykj~*k458C7t%w+!({KV7axK0dP;Ue3Dr7x25tz0D(!MGSy;y|u8 z5Yrh=5(w{DR~&JkBZ=%_(FMI~{YXtO9v@X8E{T}d;Wm+oy@D+o3g#7M45QV$ffEaC z_72t%4E-t?QpB#>*XImaK;}JJCp;+fX!r~oh!q$q28L%BRKYmA#Q=~b9fBuM$>QuZ z8wREalJ0fi?N@q7QYMT;>y--c5YG()EMr5HvtAg7gG>o3GolZhd<4#Cz?ido41+Q4 zwt^8=Fz!ps2r2Wc9?B3;_i*f7gSIp0a+oVo5mI(jl|8P zu4prI%B%ULZu`iD%ZhCV8?32Dyp&5?Xx$6bLB2K=ZD^zrBE(ltgCT~XT>BM)N(hw@ 
z4KQIOnwLizg|9T%bvnkF^o&YwD2eu`>7w~FnW2y(GzcZd9+{(S8gp7#bHfeBT1SM7 z>Re}nu3VrEbhU?rs-UQTPykdx3W?B4gSvn$pJOJgw@5z-jf)A@oCtC5J0}^ypmMN| z{>jcQFcP?~5*TLSj4Bw<$Vuc&%oH<9qzto2w2cQDIvk3B%Rs*|*0={Gt2a>v_NLk% z&T~_J(-nwMuTbQ$>)pFwIFUjUG)1OyD!0%v11m_Cg*pyPCX)4ZYNGN?Yze!b7y_p6 z1|CGOB#>38a62vWWve2|P$Gq1LdsDdj$G1m5cFk3NVHHCBD#i7iiAnB1_UV}#(3;A zMdY#P^zaO6S_{~Gm9AWx(P20fS*-`jY6qay0VBFKz*b4XQ|}r11&eCnL$l-X0K>Oj z9|@)`(_qIM4cHG&eT7N|g2FH-Nl>)Z7{(U6lx^lTjSGZvxCaMxP9Q=pQw3oec}oLf zK{Bd8N=BtVR*X5K{n%$%j7j?Rnjk8D3xUQdA*ktefE0^V zLdUY54GW*;8I>~AfTgtcB7ICr0Lmyu6f=NQn1Zqrph1ij1ruYU=`%l^$i|qYsg9BF zY$XXbvLL???oCM{VD#jg`(~+D6ci}3+@pvP!30dQDyRb!xNkV{5m}^`&^_!VF zrF^a-d5yAga6Al$R2?Ohxspou|?Q@?KvNkskW`UsDaJNQ%4; zco>C}OT{W#0)5SOiU*|LV^1Ke{&*DPObV7|lNgp5xv(tqDuClPg>(FPK#oLoMb@Af z1f1l|x|og*4W$h5e_>@n^$ggbsaj$B%~7!3W;~f zagg zHn{%bMm7(klC*4yION#`iw3z#lq`#-BDFOmg$0A`St3nou{QbvQdiD_yD8NIO;rR+ zOp;Ph8k1_qX`Bi*H*=g_KQrIaxrcR+ke@I-KMyz;mO-kk0$*>U=1DdxL0K^dh9c=W z^IsYigubnhu>u1w^?jLEKWWjhVI@Ughe>~jDuU>5`%p1>S`ng%FfL|2f}tYz#^4ZI z_3NeUE(!&pX)-Mm)G9WFsXDLOw^qNxVnFUPo?MdK3Ed2ZsmaP_P4s%A9fbnWbWZSs zT2&v^s`O2diRT51tzd$mIIg$290N6^gf=;+R0z>tpjc943N-O<58HdMS8s!uX9k7KwfB=#K}LRtACwCb zLF5z>m%K9Se$nTgP2#d*Gz7Wg^D;n|te_SJI0=Z5md+v^CXP=9E@!qQ#r8mho4=#H zC)FhrKW`DKR`XJ6k?E{*IhOP*EcSz8N%d~atVIg2S&pXS2 zgtLBKpTi$9V9xdg_mc@;QEBT`f>s8jDT5>uG%5UWg8f&}^c%7&Ae2r{0~}^1ftbiS z`Hisk*AI${OUsH23o43>dVzlA3xZX7_Ja!9G#5J@c#K2^0-0g7EeA7Uz)2=VAgZm; zNuWd$Gy}ldS@#QwvP43$b*jW#9TK!0tm)y8=s(-O;y@JTy6UQInf^?wh=~FbmX1V;Y%&{TMJTc_ zJU;+KY0iza#wG-Fhk}2mLx`2)~h+laEMJ6CpDy?`#L|U%VsNAyRf}+92{s>9TvBJZt2r@CKy$q&%jp+3L-@Hsi~|@?YossQxCPwQ9B-fTZ|`! 
z^0Acmpe1*3RaQ}qn^1SeI>Lo8_K89~B~eAF7DO0wG6aSNDP*Y=WvxC%Dze!P`GfU; znc2B138VcnWM~C~rbYhZdLMN3hBzz<0DL|lGAU(^)pcfG%myPM`M!*>b`>F@fts*v z0D+>uxz8xtsuQ z)H@fA{SWRr!_mGTJXcTys=&r@(W5qQD}j>o!txTkUnI@=X@&r5#{+UIzep-!ih9#9 zx@sWIMGInDxJXb@nL&01rOum{91M(wOS}<4&xKbEuq>Ij75*HhA<9sU2s zcO^)ICUBapc=8+A-ZD%mF;$Zzc!wb~rr?@wI|Lc?N`iF>nl;SP83>JeiKL%O+)5MM zkeC$_o`u-E7c)S&3C2e;O^K~2AWISqxWU4*P02WRwkM2}5-g>- ztCz+&5f9&xhA{Klho8N5w%2Gw&1o27*h^xnOSBg!k)CM^C#m|p+5IJ%#L1Znva~?d z(ZAQ=IWS^OvZ^b%ofUXG1{papPEBfHCm>qY>=rHZyfHu4_LrjHz#u_Ip*e1d>*!%Y zCBUahb1T&kokDaB$MZ@rEQ5nYlTsY@H(+4xpfF16#m>^=QG(`EQCNzosGvu;Jfz8W z?$j;Maq^FB-ic>R(h>D8)?1zN9$RdSA=dkZw5)O*UaRv`vdPinb72U)DK*&jw4<@H zfAQE@n%;&P6Z68ezJ$`f>oPf<>4E=t-ddjcn}vrtQf(Oi)*uIcVO*-F`gCEJ@;B=s zr)wy1+IaR2XAM;$X-&v4jFW_lhLn#PRM4k*5E?fe-Qr-8)WSq7Pbcn?eb=ViU#`<8 zu{!Of1b3YThV(7BdFtwTPw_@Sz@RE$Yn zb${r}s+YmnNBWU2n~x>~Ol0G5Nngc(mQ$P)lm9tvE0V#6?Ze3t9BCX47qQ?)rC#3+ z2TNk!!gnx|NWHAbIt6dhp~fqT$;T;%%k4l?cPIg;QmISA*Q{B}hl4ZMd#u4>NqG#&wUMZ=5yy6#+pf+GlXSLmeRKOtgiI6)43@@#4k(qqr4{w79!Nad!_;q`14g7mB;PySsa^5JE_Ddd_b+7xT>3 z%+;P}X75>hy^;&`|EZ=`sE^;MRgF@@jOD7Gz9$C;wA!YC6UNHK6-K*Cep_dJAyA}` ze$Q3&pNdy0g=geU`p434?w``tiG-ZeLRWR4rREZLKO}!w&zFH4_|<*7?naer*YKOu zrQ^e?rED!|q#C;Iq_^)EUtN(mmg~^?$u(4F?zB)fp#pqBH@c_v#t8@}`R_53M-V3> zMk}q`y{#R?L2)BTDiO4+1{j!;I$K=xj{nOerJ7Hu+fd||Fz~K&@S3|`Dm2=xz^!kR zR}H)T7RPx^!3M{hrXzK@iBTv6i1#rNRzLksh1r@!_xH zv;5Hs(+_1BlGB++LYaub;qHGkUKbbo17;8qOEP$lE}eEOTwNQ#IPj+pFR2FUA4H2a zftK>a%vY>9j6$xkwUyNjrnaSC>64H4#AUor&KdMCaWp?vh+Tu2G$ime@Y`D4I52Bz zYrbk~Lr`)`THgW23=CP^*(8_hXTHB((&~)(ZEyLm|0|b-HMQUg+P{C!{&6d)Wu*k6 zG72-b`G1s3DW!N>yu^s#_Sk$OU5Ufw@g3gwYl$3O1msiPeQTR^C1-vsdcr}~DduFc zCVjn~Ny8v26=q5i$v;lsgLk(oH9M4!K|{X`#mA8nutFsWW1x6;CPh*5$?DP4i95RF z7`14i&bh$~Br>SIzCP34Y|_(kr4+tJ>2H=Kc_LQq{+|+sYcKsFTO$REF&gq07NzIH z`1e9C&5oQTm1F_DgMRLm3PUam4gQ0Z-bEV`OjB}UpONy41vt{a7S-c9Z}!T3)09e4 zDPir;xcaoxC;XsRNECf=^3MmUyH!OqIOv3NfLSwv=iZ07C`fLSSWUyA1i$e9x zV9k$&E9aBUKmY?#?2iwOnbzKt+4TPMS2RixT?je*&9&mBym6&aBD?l(kTfd{J&QUuE;=`*#5S5gfxwD> 
zRmDPd-a^e+RQ1b83u5{;0#(_t^`eh{w6>}R@*%%7KPzfHNiF)`6sn=_Gi~zPD1Tws zYmK(Nj;u*0$}6z(E4nO5Z9E`F#=Br*bj&U+< zkr&97fgutf9kJ+PqDf?)l~|V5ax_GIL4uauzx}PM>eaX0m_4L}#OGophgYesk7I1jktDN}}H#yNIfV3B>vo)h#S&$gm_R zCR<$<)V#@+Egr`fEE`oFApDl`uEZgWA8){@xvRM8#%~erku>7h1oQ0N?$-F>82oB5d7Ptj{XD#v2Gqd^_ z9Wj@DlR^21qkas%PA92Fg5k>66V$>G;v%qkW=l%TUmpUx5zY@K!c%B2c)TVz%Z; zXW?L0*f&KU%fK(+u1pW4a|FXxWwh+2@pyP(a0Sjr^QCl}(UuINN6;IUcVi+(SH7Ku z@v%#(?u&0tnyqR0Y}S0cfFxVuoD>T3O$!y7Js_>>hUd%qHs$GCozn~*IPQq zP_ZV}fEtu5R0D|g$KF#+HNr{0RE1RwmI=!AVwKveOf$!EKaKxsO0_epAktXpK4e@U z{&82B*YdW{C&7l>6S`^R{+}uBWMov(^^L1S^vD<5Y7u36Q;#N@q`$&$F%L;rNiPtV zUBRWMoBuZf0VTPuFfm5bNirc--h$Cr^^8N6Tj_|-z<(f4m?b8=6FO=T4yI72xFk7$ z_hCM(t6bF+jHX;1c#|d`jWvwo@+s?bendfKH7PrNJYJ++&>SnN48G1b36QEG<7n*v z4ze!TFcwg$&FRC|v&0(C_pxF9mO>UMZvJ_KtTfzUYf2trostFh_#$_0ow6~{#LM|5 zUZ#>FR!x|!)bop6?6J`Q&9z8HOSgsWKWfO#PrqYJ^Qc@S)N{y!eK;^sk1|R$$21dY z-q81_sYD>Npk!FxwI@1ZzjOGqxq)382PH*A&eB5YNf~P^zGK85}p@p_K?ZONBK8gR)$sjk7U}1g` z`$#>}k;XIgRY<8;5H z^V8io>(?DI5@FNK3N|kd^vyFaSHa?mzFBzw%>W);Dd-ShG!gsBD zd;joND#5JdVnAxn)#7|*c#zLRyr!N?U5!$uh$Jy8M~&-Wcl1ypC>;Ot12X^bv-=*6 z&x&I2KSdjkS}m<*5)zG|Z)^H!OCFlJ{xmRWEtkq`URCW#*{V@L;QiTo8N!`KXr$gX zR8$@MQSd}3rEi7!@rx*pdb}j{8_mz(q7}wm$Jb>e&)SscO<5&VY69_c6UFgvW<9=c zY51dsqiQ~&UPc+$b1G>jNRp6qejwnbVIeC%T#NiqF6R4>YOm17j2%G(7*_groNEZr z!}Na}Z|JeV{blZ;j&pry^&arA<|DvME^PXS*f~+MB(Ri&m{949Z2t$S+U{_rL}c=( zfbu7~(=!+9)$bo!-yXs?wCPQ_NJ0C^nkom}e}u_CiE+5#tL1Ec?F;uuc1ZuOYo9eD z?QU(zQ=_%)Rbo~ZQPlG?==dr-Tn3P?!1+pKs8O!FtE3^EwpzW2EtH#P82sG150>Wb z6I8WgojK*!6J;?i)EFU0X30X^A#uu0!4+sw*A}eSXwW2|)L`)u#$`S9)!Ep zqE_2LVCubAaK8qrO2JSJsD$$unmNXu*p8QnYw@VBiNNRs4Dzg=FnMd zsPpH}rh&6eGJlT*In&iClh9p1nEQ#x8z?1crt@;f6R`dVs9bnqQwYPe|iSx zD8Ou>Es|che;U|6l`i}}yG$e*5l7}LF6?iOTjSyt`K?`sJv^E9#v)>$wj?*cnrH=0 zF63FG{~P7lvWhAyWmVsv@(Hc`XJ*WUM3U{|?`8m>&)mwV!wT*uP2Atz%W-}kJ^$WI zqJov1B)%6g=`c#Y*JjaJ6iuu|QVOO2mZ|jfNEg~)le5*dH0LE4UNYc9V$DWLJ??KS z+pqc_9U3{-aN%MDd3kq@SKdz+XK0yxT05qI>8;?ND&YC|-!JmxV97;1ec>3HmU#3L 
z24nr;7(-76M#tbrrrIwY>QFZ7VF{X#i?g*yA`tX6U|sPCn8yTo6&<`}mR`*Kmf?kY z@{zXCTC&lYszZ>lwC($*zhzb7zxB}AqRk734vtm7{v06wDM zHHXb2t3T$7);^&*bRoY)8DM;Uj5jb+0U>_f-%E@oe@Nb<@%eEeyx%J$!)*Buv|F7q z?}Kbr--Uu2x!U4vuGc-AG*7xToj_) zW&xQA)OUTOC(@jn7-uTn70^sYK|Up-4qZWRaLqJ}ku|Gwy*-r`Rq0Yc-WoMEoJO!#i*Z<)mL(%58egLcKZp&7Z8rYsw#v{jYS-xDnf% zQXfZCddZQ6K?F)WnBc*9b4mOE+~h;dDR${@=>JjMT)!{~p%pF%Yt=*`kN~}6juq}I zZvWLr3XV5+X0RC3kDr+J&$yI~tDUiEhNRK$hYo0AtJXwS3J?y@n7$Vozg#JeW?fLC z&59G&cb47wk)(Kh6Jhan<1R@w)v`rnQ1ZIXmpI9yAYH(+U~$Ve{mx=S7@QHE``_l4 zX#7^@AKuX}iN;aUqZs|hehQlgi>TFUB(K~*8jyXC%-xyS**wA>u8Pm+W{KX?L9VlB zmQzcX$`>XR6OI)I_PD04_CBjq>noHjszN6^_=AE7E zQ2ld(7CHJwzRIp)1_k%woTR>1-HRL%ti(eG5b| zO0-=b4y!vf^Hy@>aO0Mgji<65_{Rx`W>Nwc)ieh3~!btlH;T zo>Eto7dgD{FC*x7=$M^i)Uuf}5g1x#vRorkj?U39ro1<8E;u#T=|xwH$syf(gklvg zMNF#|f2Nz>xd!Zj;EC?{au~EBMPu*oPINl=zY|F3ot;Wm>=h?U9uQ0v%A{fF1!lb$ zz+@zAUw>z9!gL`9BGew>(q@>0$iB#(vSkuemSr&$v)pH5 zaq`nPz_^!a=ph+X#a7XPX0yn!?P7QwrFN!kVHcr%BWhNW??PnefRoL8h|A6?l(6jq_{u|3#oAEi*(%D zCE2lwDA$h`(}VH|+HhvpGlNi8DSA=)B-Wf;%#OK9>W34?RjPNh~WCNwWiONXe{p z&XU=LQcI5jJu0?MXvoNv#EGd!%AwF{#Uy>s^sds$4O4k_K1Vk@j|Zl0?2_hJj)Ke? 
zDh#s^xPFi_Q%8k4fOI zjoHt|&fZ$KY!jDmiI(|fo|1{q@7Pvjz;lar;bnGdKKjE)NB2H)G_Z zy+VP&rVw&i4)WR@F?KZMJG66o-4@^RTaAPAEeCo%ETXpr-W?Kxe>mkoCw&30wewGZ z0)hJLP7PL_44px`oKlUB6k=D~mFtr$HE>54@bKb{a6sR$Yn~h3R)*G5X<|e7J(%C< zmDmz=4+`dZd6~Nfu5|HP9@HTq_cv4A+K7(B6=f@M-Xo0j+v%r&2%NSp*Ws;mMW=tT z^I!S9El)L=K=|u}&h7q@8@YJ5%T(b%hB2Y2tLJGmwRxvNNovE(vNx#v-a+}(%K>ba z0nq}D*y1&&cmYic;wrs@LITiEfubJ&mYs4kb?y&f`SKx3eL-7)(|d)#t_gHN2Er6q za2;NXgq%hO7nLctuQnF-L|Yw?u4pc8g$>4&|rzv*>$nwJ^EE~5j)RK)zV#Do1WV_pXd%MA;A2jV0>$)fuXn0^*?J# zrcEgHhgYq``sW?5(?|Jeznj@{`;N1Q>&aDqzw;Is{?|75{{AVk=IXLgJ^tQKd@vkE zZg$I{Cs}xRo!e9Ky_U*?FqsIBJ1BB=d3YFN75LhaW(~wi{-?NcLfcJF^lDK2Q z{@Ru-i>Fx1{NMS`<~lT-7a#>_>~}J4xe)?|)9`(Rtddi}%kupZIq=h$p1p11!`Ys> zlB0ux)m@*Cg3Y#jD?2BBBSFwsV&hImi}^zd!A6{;mMC)%__&kG&&%ckNgbWyG&>Ly zRo5!6ad(YLI-L(OwFfE#@<2YTNUP}an{c^&VRCFI&y1=1q08(`$J%M-2VzvL<7 z@NiNXQ73%ZHQA_a2Zv`KZro%;tR0kh7ncco^?bBCvETvQ6NOYnY1nM!TYoGrhg!O! zvFw6%!-LaNdZ?YsVq$9O7&DBv_+2jsafjiqe2(=^@$B%2m*^4{u; z(1wxq+%>t_5y7vg)25Z*hdJqpU0-=Rr7I$e?4patV{d$3!$HKBY#Sa%)rTC{PrEAG zpr{4YMzA4b_nAE2fcvy(Ah-}MAMA5$+T*=mNnfipo$0w#|CG-0CbRk^Pj9XIp{Ux5 zLvQsW?xxPz>z=?ozarCE6}nHD{O}S6k%4ACRzA1D;KQdMy#j%)_|40k90si&z=-Ib z%8$DNaCp8K5g^6w`j?N>4cmr+$Ym({Y?cQsL?-&}ws?EM<%1N6f9;`GmfzpQ8P){H z;*0G*?&ksMHK}#K?r&@r0(n_J2|126NT(}ibDd;F?`WU=^d!i(&*a@lzX_>g#n43jxa8+70)6;#p_bp88{JIT5c-h^cBrk^RzIzs`8$Hu*nU zbJtHiz7Ey7-Zd}A&vlde=bbFoi$Se^o;|f@MzdO-Rq{7Rw+G6zsGLch-P}v?L##SG zm(?RuQA%N-tKhp+xcBIeDe+KC*Yp0%u#?xW$o00Y?c^^iW%zSLFI48H)5~sj1Nu^P zsnum;a(q;jYPgdHIauH&(1vyUUFHq$>a4JOZ>$`qH}6yicpM+VH{W@|4-2(`TV5y4 zoSx7I;96yQw>zZT6$}vDK1-FC^QArg z!Oy2S(_h`Dvdc$UTSeL8s=E-`Npoeoy-uB%>H5SR-8TE4&ySkRD7e$-EtLv49Bjz# zSTFAlvQ>p0W@9H;ch+ru(rs_3lr5X=w(lPaPOf$RcK7J>wYnQ!H?exRFodQnZMQ*L zRo3=)*J2=e9aMDP{&nRanfT$P@AOGY_jx2N{wbz1`thVOerd}afmZh=9<1L^ z=YJ(ZgXoR77ibYI=g{SX-bb{i8|+js=DEl@%v+kSTY(YJuXXY7Va^-nJSYzgyF2EP z$3|!`XeJKOD&)K(tNxBb#HFs~uy9AQwPiOKW;-g8%jsWzcY$UemM6SR28%z<{v;$o 
zyWnupZwwB=Tldo%DRqE?nf)p!nTxZHJFjPC?y{9Qz_6YoPo?bVWO84v8L}UaCMpX+r1?TsPzAGk}G1P5@UfS@x4blO!jaLp9;^U0x;N<{d$IVDhrxQdW zyY1yN$IGwAY3roM4mjcMRDc@c7U-u}ALV5^iUr(R>hKl|ftoXTK z=MsCYYcM?8@k6pkI^9l`Y+fzfZ=IoDWnzyyu}i)~QBKAP-qykJ3r1t_>z;+|K&pB3 z^A$>dqXy{m>oVX{UlcgSUDs+eZ&%=-=!_V<7N3S-+IQ`-!d1#WCpXwOcg#=vv36by zj~5XBpvyil@eJYX!2#top#MSk6LF6L=mCBMh8P7r^{ce*a=@Q8E5X9kCgZnA)jTh| z;B)XSW$#(eT2yE1Olwn5*W+@)K<|z{*dkw=905;!I=gFy&AFM3Zg0cqFS4#yd$8ko zNH=&j#STIGp)lwMkc@wSKj0L2sk7X66i)7FGO+$ZX?l0x!4$K zvrzF$Z77%=6y+!eiEHf*u+uus%DM4%P&XjUL<=D+%HdN2~neWEniy;+!X7 zGV!}|ihPG2(CBPl)~#!={GV<{^NFhn98kwCIMV^AOXNHorE#YRzS@$_vH2vO4*<5m z#3}Alb~G)5(PzVE6<$vDhu5i;m~8Z311?W?M^0;nGN96pX z_;FA7C1;-K(H>B|s}*q!O7@%Xxm`8(y549!gYn8S(DOsN(VF@7NZ|BF zbMGj^bGI5-YgYWnZ@_K+04N83V&f*y2Nbl^f)*il?{xUcOlMLJuHRkC){!F4IeF?3 z7oZ!2o>iO==1SCjEBeVySUq`aHFCq#eysUKeJ z=!1yftqXXLY;nljdAUkyEf0|pzj<$;y(4%SBTp4rJl;o%0u^s69?v*Yp5DA$j3aH$ z1D%|E#T$qmF7Yy6XS}GEPkC(P^0qt8YiF;-=RM5f8k&h#6Ez_U)eD78bcYiX2eRvO z#qEni^=>7*A^sBC%`AwIZWvwq+HAZ~<8w61|=McBeUy~D- zQQGb`FEB+hk*aUdr&ZjJD^OrzJ3VfIJNU{D$KBU0@%1Kyrq~a-JJavxjskri!6LQ@CM4EdaJrm$J=(c<*%yteN_OlYNFTj}6 z6F3HSD*2bVM39cM``)}d6kL}t8h>~I7`2)8GhRMj=XFD_^bzntV6bvty}Oj^VJ440 zY(cu{4thH<`rW5#h}CZU5o|`0QwOm`%>OHAQ)uUQ z+XvmzuKTb|XL2iv)DP;V-%@P97728O>__NaA~?9JFqr=c~%fcqMh|aip4Cv|VniPId1)3mw3jKzD=t@hG3mrSpk}9?sf} zMz-?G-k%XGTT7FA+pfE4xLYfMhr|zlP1e2VCte-mPir1%@qjGh0O@#dQz&RKU;Jqo zcMI}@U0Vn3(py{ehCR!oFN;Ag{@8dS48AE^?3D%JL!wx9&EDyu@>48Kg{ky zyjmYUU>W(IgXRsRS2;U)^-1sYr4?7|fB`oX0C>Q0SBw)Yl>O6#U8A(L^I)d=Jy^8W z7VHEAoD80Vm>v}My1Y)(3xL?h3c6ip&o>R|l=`W63z7)&m;5KKNqPRM?bbGE+r+6h z7*;D?-BLcrSXW`#e)Vvb=%(+v_0VtWyeT|v$QZg|15c`Q<{2!@k#QX~{)rFN^!A0PY2)tP zO(n&}YI9t!JrA<%g7#Ark<`m_d|z7nc{n@vVqGAIBVu=1XzF&b~L82sT? zuy)kbZrL2ctge^;D*xcQJfLq}<9l^b4i8+uCk}ya1QxZ-^d2;pb36w=Okal8ZbwjU zb|*F+M;-SU%KvFIUz0y}$b)?MH`5w-piu5@u>p>_l^Za|^;)j)vJ{na8U-jsP%0b! 
z+pUkAVuZ?Vr~M%tr@c4e$I~TM-cfc+>vc7p|8?gjFDzA^YO}%Rd6Ti$?!Nz^Z)BTa z%xLZ4m(`0?uFK6H|66u|)9E7XWJ|8`(%mnY-PX>Um*lUDJS_(93z2oNT&%v3HiP2_ zd@o)EWCqJA$Mxc}v^O6zLB3jdkS!R9<)pq5mr93_sCi-T9D~?|mB5*b#37u`!(qRlk9h_}+Q_ z)OX5lcez`3y6W&YS+}`1f>u1j7jJUA?|upI1RU94XC8VB_E_7pmhQzoti*J5KTWKz z253H9KV3wT`(9_L-5usl^NR_)KDGQ^WJsMdc!DlZkF@&Q?K??Z%^JAxzr5Pu_TH*Z z))52L;XddzBA`6k{kS}69m&HOW_E<4KcuCalk#uXxl?0=XU}nar+k3Cb4fv{Q)#H5w8h!Ms&|M^# z^U8Jkp_Oh|mg}1T#pznQR@mOr|K(z*e0Ilc+#^w+va7lr0I}lSx`l8++6ex;@uuy1 z%_CN(;N3fXK;L;C5T4dD*yPX=?iy!=_2&7#ptG)w!w?>?k*=o6hWmWSdV#$&@|IVx zmMf#^8#kF?6?dPL>RE)9!SVF9cWt5 zfLDRA)kUvX#}>eG&IqL7(gu!wKjf8ez+(tI%ht}va<^T$I?CGwzMQq$&1USj+cZ+x z*&?1`sSe`TzEdSsfrdq57y!h1Ns=rA<`Q93rx=L1;HBa)-tchRwA1eeZKSrQz3+mS z@N-5X{O^~_A{YX)i9sG0u-Qg%U@0Y&aCxy#4O@@>YK`oMRqQt8HZ6LjkFh)+e$+js zP1Pw_f4yFIdX?vW+_YIfb80lX(ejkm?B`hbsC<on zN7KB@jPG{_W|aVS+u@XojR5`m%K6dxEt5@lpa-*FqlS(!=)|cfYsGx><-kRG7dA2d zkaxEE;VH-K_z;#S7O0f1zhdM%DuOVqtM#o?9P!ZaoEp=C4Dt*_eNWf!={=7bKZT2W zPi)Q_3m4v(j_Or_IN;2}QdVL%*NNRz|xGesjrSej~bF4Zm?ab$?QEK+{1+U8{)S zR5NU*-5E?Qy}BK+=KA6lpQE-?F&#gOxU3>RZ54!si4q%=iIh&qCli7Hz^ok3 zj{r@t?tzY~bHK5D;HYDo6VSRBo zyZJau*6X^v)8BVSol{}jyYj({^R@ON$)}U37co-tijR&H=a>^Vk0v5yS2fp$HW;9Y|)FXDdcl)Z#y2O4$ z9GHbxJT5-GCrLW;10Pi7H-Xc zJr55sK3x^_oaj$XJX{f*e~f4r*NS`bcX{mKY`FsX!}l&{<|JpIsjfC2!_jZrt%tUf zWrv{fmh)t-fp1tFHM(7Pycq#X*<$5x_0wRitP~0_b!eJ?9A}M=5HIv<@hP}7s|)(n z$hZn3*yt>=dt8+d0yfMDC@i|Bz4+u+N;*ZrW!nL#=@xl%?^6j z2Ap2lUseg1oF-AWVjC}1j1PGP2n{us=ei&YZyLq+%bjYy4-Yp+t=_KM zM;?i9v%t^1=2wYY*8>g_s`v5pi2<_*;yal-1e;lr4x23wn@S8>Yb_4s1jXi?o(%B1 zOfVDDXE2}Lf>zhhL`L=}US_XT$C6z^ zrr?ED0g&K#U>T>zo+8Wf+OBBP&=hN*ebVp3?mrGmb13Q!blF8oiu4-vigW%z5=9fA zw;H`p!wM40Ba%TS1ejcj_jkBOABf4{B%};c4n$qxKnSRTPxcZeH5u`ZM5K=;bEo}dlZb(xWjVG`n4--kp}H&%&M~jaKHy zxP|z_I0K1#gkWC05M!uk$M{NguT{ngNo=iUfG`M7H~^skeg)&SrAo;Y#Y5#F3!xgY zG|6DA@FH)-d&}`MJGC1gvILl-aSD3RGR7RgzV^gVm>>MBCzf97Sy<)G*UT{5E<1U4 zI?&TLS{q<$QKy(i<3|s(^l_S>{%)FlYrsSgxstJ6=hb=-u%o2}CI4xJ`;l_LLzxhh z^EGx5mFRb{*Gl5RH?qHt&3z5rOUKf+MBmiyQ9lb*c^(|7q-GvW_&GCJ*Rh7Z)iC$Z 
zvz*B-*5>QL4du?vK5^gQV;CIraHAA*1F#YBafW=Yr)5(B02`q@NSQ}!pTsBi6WF(^e; zgi{G@I)Gp7FNt!L89D#PVI39VETevpQP)$!X=oSo1@!msF=!Mn*I%41+nv z9+^MfCa7+)AH8twulW6Ewrf`Xr@SLd5>J_J&e0VC1NE)d3d4V;y0ypBu!#uz&mx4k z%$Y*eLeh8r{u1ArI8Uz?o|y>lua50yWMt|zMNC)^~|bL)Q^?5CdE`;I3iBWb=u z!KY@fx$u%#{<#jt@amw%k)5+JEn;LuPS1Ao!1Md0tchMgQ3`H#cIo4|rM7|>tx@+` z*1>^$(-gN+gqiTR4<=e>M3%@x&U11aPn)T=lt|hz;|-+Wv+LKh=ev^uAu1U-#S`;E4yrjA-~V?YSi@;AivmS<`b| zm8*hLzGM9C^9(rVT;n#EtWqb7{8rP~ohg`I-re_PU1+3|GhDC7_T5n+O;d}+n_SRV zJ}GJ_RzZ{q?2R<#0NUKsid6`n-exAv^V3RDz?f?2vvNvkYbFhO3LuJBV2h8&+A5+` z=UKeP?&_7q-u>Sg?VO(D`Szvd7XZ5-DH6_QEN5zoG_i*?c8?MEr~*JeqQ?4n9&dxf zRV;i$g9K?}i0}}A6P5~z6YYk~LY9O>LyTO|Q}3>wL;D`*d&;E%F^q&C*ueZZGXYUt z0x&d0Fdp6^=6UbH+l;x$LF}%+OHhQiNDLAQWp%C=aMJ+QplnepNx(!ze75y(u;FKFV(55e#c2cjnqT z|Io4?Z=T0c3~Ovb5$}Ks<1_UW{{Hs%I?u*4S87IAY$J@EPtJ-s;6q6M&+U}2ZazCU z(^VhBN?nlUj->6@UuR?{=LUJA8yt-A==&k>%DIGMNi*0x2Lw7^$-nrVP5(Gl{CM?H zQfOKxD*raM@fxk-IS{8M|%ICv9r-viyb!7V^47Mk9-mlPJGG4Fntx1BY|W`k~#EINo8fT zFU(XAwq@7kKd0(cANd*yHf-st&KE{fNWP5b{j!wQs)i3+dxZ6opr5Pp)eW}e%rVI?DgJIIyrqV+#Kh}CcnpLUQ3mPk`vQd1 z>3Xw+!*N?UnSInA-jMO}@akpID*eYTk}r2Bm#QVUC)*>HC1H>nVu4>Ls+%OCNhMF^ z{$VJ|L&Kr`S6{&sY0>q|WZHkG=q*9sl1Kb4#ySk+w0#O*{9lqWm@e^J{?kGbuA|~( zmTs;}re$<#x3!Gb9FM=zX391@{&vh=t*__F{Z6SbVVho08&$kVISMQMH2d;ksbQX2 z@goBR9;#~M+x~7Nv^i9H5iJ7r@S+{2627Qy(P>H<@9paTx+~i&4Q0b{A5w!88CL>k zvA(30g^=n%qm6}f$5y$*K$l`0-%Zua`O^wMmRFRk^3zFCgObWH2c(QMF47mTihl!zVQ z31OP#_2pIjiu_F(j)4oNKa&`5OZB-0IvuEf1XvnV3@lVdd%qB0uV+sZUmR4;sf-Xs z6jD!j{OuDlPf60Q1+j1XMvVlXqhr0@6|!vR4(AJ| zvQ%3p_)Y81E*avjg}K~z3xWsP#Y%_NGa{Grp47QOK4ttJfL23*7lVxxH{#W}+dQu? 
zUGy`4ipXP!W%9R&Wp#$p_SAWrgQ^*T_f&7-A<4)=3>=>j%WRN^)1aa1J@F8#a|47H zRq5=%m&2%H7ozy(w#E#_o&AK}$Lt9H)2|R726L*4KP;O>d;=Bw@tKE#^Or}vEn~c{ zS{3rnt$NJ2@7d%p70<1G9B{UEsES*OqNFC4nGD>-JcS&UayEl67!e91#*?MdM&#A4wJndXi!Tu6U# zTE!}gi2hs6gf+X0#d4sJ;)Ti!MpK@g{rf>)`RT%@er2at4XsUtU6z?-ntL^J!OG=e zS1#&5{7T{{AXAy6?;5(^r^UL}-iJAg@JFWdu4z)uHGU6r`TGixyRVpK>T>>Lu3Sq# z@p*8i+>CXK4|!JUcdEq}&wwcA8cak~m2`4jR1oy;(sY1q*8xb#Vi36a6fOaW1 zkDh;0(5VkE#m{8QUndyhG>ieP8t#lJzrzQI&8(Vs5poQG29BYsDN+`nCiL%F7s#I# zkEg`|hnyXD(l2(uaqH7fLpQ`y-Zp!MRHW_2QdqsPe&>htBWcRthK$pGR+K<~Sw{rC z=0v_qd*QV=ewxV9HikFEnxP{4y!TrO@p{%)c~IarpCNb<6T}hUjk-wCIZ@EgWk(8- za{~PhjSO%X9W~}?ObZLKYB7aZK5_6vp zNPziD+6RKs#~S&Ur+5D$Za@EPnp`kHW<+H&uPkX=|l1w3wP4qF14zVts9;!UES1Xg@5q%=Lp_;$(SbK_3^l41jC@t#=E zWV*ikZBuKj@|Os(h^?E5*=StwuVWe4evV;H`ddCHMRWGkrN5xJaHg=D`sH1q@8N@k z8$b%3_5gH&Z;mzhb^dPgYibA`l5ZX_{`LvA2{g;oS;pgxqiODnsA)~tnfM{2!seI0 zqhY@rZ1g_S=-5oUiZyyN^-NB5H=l%kZ}$lJq=l;f&KLm=Tdf7^I`hBXFY zK-1a8d#u3iWjmFsVoOSIhJyLTkjpQ>rP>=P^e6YKL!&L-{WNZ&auI63cyKfYDFXWn zkc-V|t8|xH<&)O#5B7D0uThkc?rLq&wux{Y`5VRHLIb)KF9Sq&j}*?e0EpwpcuiiI zc`!4IxElJm<%`M1;khb2!bS{pQCg@Le!p#Ux<1nIg+iUFUr*d7MvGwzOMJR9alOF+ zejriNDDw%0_lBnp0TuG3E@9fa4zVX;WtL3zi6F6kiaPJls$8P^p?YmtbT+deemPZ$ z>mEHQ31AK>>q=`q>T`GX`PCpEdZ9^u@GIgzGy0xiEmXCNMq<1xzjIQ!=N?5AE8g_3 zZ-4@d%rDC4DeY=K+|zGUO-VN3uYjD%GSXB%-X9(N5DOyTih3r~>S@Bo3Ur`oRJ;2P z1?NG`zNXV(*^|tRq}?KmGB%)7U~F@%WqYwU{2l!*6}Dbd!I^&hqU@_ud> zcOsX(50!1e{7?O(Tu}+qQ*Q@mo|WVFJ;WpyBSe`ERZKRlN3|a=96H7mb9?mln6+(^8T8iri zq-H5g+(P7VgLv?;=NJBJlJR} zzj{V-_gCfevo!0&xgsk@-noxNQAOKUe2X9PrL4Arod(V=XlsTkxn7RILXqDtpViKV{M_TTWwuDD$ zc!-+rmoiLep4a01!z?~m6?#uAhV}6cMpIJiPM6&T{GFs*3v@BAHR#U%5Cf!A2B(7zI=OkgRHMORa~?xndFk!JXjI|I+`#1K?8NC?<^_{ z4;YAFAfdG{8OeCVWH`a?9#Ix=^IWc`hZxj)sQPWl^dZr1HxZ|pM5p$IxNyWXP}^Bl zl|Sr17K}y(GAUf%!==;_`%MDadBRW8Ulf!l(OL~}8|Yf%M%|4 z-W-o6pOI2}BQ8}+4k4SXhjdA2_AXE)|%Mkh6x>NX+QhP{etojmc zBU%4OkpduDV>Cd1%Zjy?0W|OsIb8mTr<`(M1oo{LC}#MEB+4MlQzF!ynO4K&YOfA+ z3ABnjq3%<3R3%gw0poprXU!{%-UygLvjHKSC>+F#{HwXVVMSmwk|YBLA{lN0;RKpi 
zDn2as^7#A-y;nkid%0c_iURYfaH@eH%w+!Ra0CXU<|ti)l9T$zcjc$v^0v;mbyFU= zgGqUG>ZU={rMwg#EjxL8-&usJ7ArTXBR+ECe8|WVDY`mL>7RVsF42&?n|F=K6nA0G z2wfB*ZB*w;iJE*4mHT=#wD21|hKhN#`DCSDulpe}I()j$*S)iIv)T#$M)WwyE^1`F z*bsLKT;{+QhR#iyPh4SGR@AE4EJd)hw3w?WK!_^Ld8pR3r2L_ZK=kLJXl(`;VfF`=i*Ksv$Bs0 zPhraE?+Sv={lyh$iE@__6FgoMit2PqOV%Mbi=8T`$4SeaACJX`9ZxTJI@L~IzYt`2 z{A}?S3=C*r`n-~yeP6n@i^4CkZ3x-M9%i4*f=VrU@4x=n=6q{j{*5M(!P?PY!|*`o zjea?C*3z34JhBg8JLqJPusOZz^t-1>Imyiu1J+98mh|4o-qBeu;AE6Dj%~4DNiy*y z{|w2PM7y;2L?N?RCW%1~UZV8K1={QAO3C z_R*%Co=AjFz^Dhvlu2;&S<+WdDv~B1~$J6HFvM5MT zsONeNxyc+OXxGvES7>ylc!V^~P?=>QNmxA-!s{8>n_VYdneYb1&cc4T?g(Dj|6T)N zoL}U`?O=^cU)FeFOfD+j_kT0t^l||0)fr!=<5PLunVVJ#rl=k7%{jAp z1w-BI5RC&aN*$8(0@pmLK-pF8gC^9N$xa-qpiV8AOsXVA9i8kp&_jW!-oIt6 z4y!rsK^pw7X?jGkmQ1O|T2fDmCYx*u$f`G;Q}gP@A0pkbqv1v+jkeQd&M|lMCu;fk zvkv`N``usv7yF-ZO+;QFUynpYr)CQ1?!?|hBFx4n6FSUzR4+SJjPvg5(^!pRg;<5)4D4E zQ1kI_^YFvs^DTxkH7YwgS<#A0ym7z9^Jo=*IP19l$lW|4q_q%EGKZ&DCPNFQ;B4Lo z)OyE2W_8@(7Uc6oZH-dj)AF#ZhhPV%%kh|=>;)lx4KHf9&}oo8Beqk%Ae*Xx%-gyb z#reADgY%F#Ew?B7^TCgM`O^%}EB4owQ?^S{+sf7gI(9~SZw8hCX}S}Jw2=u~Gn=PR zB*GDU!afuht$yl7p+R$j*RFhpx|q^^<))A(&(YnKtj*Q0HL@G9rrI)I&9dks(ntAY zqhRuch;1N5l)<+%7&9SB+v)ukaMmj@8mHcuXIz~iRU()=vEhdz?*UP0WXYOVVzWhc z33uB>UTst?vUN5bV4o-c=3@uTtkm_?c5uJ*aH)IS5QGJ=ioBo5{mDZ{fXiOQJSbQ86l$+cwm z(Uob&SD1G^#w#{H;v_YYJ#H6{J|9b_V?tQRV!&u_B3jo0R!kJcn2X6dM3SErdBhZV zN!hj)`bWx9lya+$a?dmg%w(&~RW6}dV^|El4PY71_8{LYCU8DiA}gQuNi-Y!*%i=< zR2I*hkfJ`l9$u1I6)XF$%6IKF`-POaEqS?wR=nph{XMUmr4K2zqt~b=!*t z36E>EV>|M=OsTNV8tOTHvtkk5lLjW|#&rq-VahcxL3y$!+dQ<0lI<>t@R;l%A#I{& zd{Q;gl}xaVm$BOsR;Yg)wq>a3FR}%{^Xkk}yTn}S>$~M+9i~R0r6rz++-R}Z5!Es6 z(S~nc1l5;5A*>nN8Ag!!vi?pcVzEK`j)vhbux{u3v_q(2n71!Mta#^#vhJubc7lDh zveDz<>FN1WLf13@>GM`XC%5*={vi9HH$bC{*>^ z`OOpGOU+y-_0Em0o3`g>?>egZx^k%yvnBmN8EjI28c3G0A5n9`wON~X=o_61- zRn+P?0rn1OR#P&>gN$Y=WCfb8ea0FX%^onCcR4Q~R-w*VG2TM=&ylS_oy*N!PqSV9 zn#OO1j@-0}D~~cNC(MM8<%)$ZKdMcn)Tm$yy^awsai$(1|&-8$OIPvz$Gm(XmVtgH;Y`iKw z^xVLm9Il!Wmg}aMD*=Lv`__0f!!W{%%Er4isL5j$ 
zQ7zpZVLf!FDooxW3@iGnvR7^6vqt3uT4Epv$0avfcf)Bd)czLG!L8>v4hu1jS z&IJbi)Jl9ac_zDt$Z1)}%B?MzuMhO!Q;Sf>K|1c(aYM~5z813G&L5a>lpswp`cfg8 zcuvX4qe>WhGsAD<8`bgr4ADXjhQjHT$DM2&K@yc}S9kR!w!0aHfv8$l81P)y9dar- zeH=XIN^oGPk$Nm)l~%pJ=f|c^P5#C}v?EO!KyfynhmG)+Av^v~K(IN?L-i-dyCF|7 zD?|Q7*nJ@cx_9r@UW_r?FC9wpm&*A&9~HmfhJEhuXGd4!iseAw%{3Jo8p;Nd`U#&A zQmqa?^ZJ9|I>ZUYhC0E>RFpcujCtguf=Vq0W20Nr>MB#>sd-qlEz9BbWRo+c0&8`k z?uO6~MA3<-M%*23sy#yYSZLylRimnq6vG{9RhW)Q$jhA5Flo8XGxs%(NEC@Q4qu#F zf@zZ_@kuzzlo~{!@Gk~tV&hTr;YdoIcC@&rI2|2nI%f>X&O~Q8%bc}4{8^tAuL7eE zOi_}gW1-L>ZaNb~vVQmwLC%C3F;y!Y)H}bg4Q=GtxO!F5wjSMz^Z)7py=HH@^pG82J z>P*8QKFZ1q?}IS;pNrOWyt{fcFQH?q*v8~5Ih(Ums6fu*))&g~n_;LBzpmaG7 z8`I|2(3U53yU7-!DH6~wWZRGq$P~W=MD=C#14F`Y;|k8^h!?F32qR0Iy0c8}7bQ7G zF*jnHSV{xwE*HXiAc_c8r77GxBnli^)e*Z9d_cz!;TA4#&Sj{%#QMY)s04j#)T+wM zHXSKx0opz36{)B49VU#@wK_sIRp9jtQws6eeX9(Ml3U$ycX(WFb=E(r>~}L?Ic~jzf(Y z8}1BKITHAd{JWum{LVPnYA$&(G2`k(zPGl?{%gk$TR0a;9L5(TQ47>OJ8S88l9_<@ zA8IoJ{E%Pppqz7c0eDc(gfjt%$NV3|LZVm!?oXVsi$Q1y(yzc5EVeGQhxa)ex+*u- z#$Bfal9=A?sjRZ{wS*% z!(XWzZ&D^@12WQ1_(>zd)ZxeM#Gx7d{adH82#U&d!Kh#E*e~8tImJ}VZVyeKcmpAU zrVJ-e^8$(}pxbhjt{pxz*U3Xh9XUJEDJMx{zLLKMqCE3I>`{{T&Hzh<%#sY7v)80oE@LfDB)- z-eSlM-yqxClfGiejBZHZGgh8K7JkTb5a(PZ03NwLe=aD;zYpP8_8Yr%E&}or6wxpr zFu}&GWSHp+OZCm4+Z;Cg(iysV`(y+U^DI;LH|ZWUekFpD_8xZJ&qeV}t?5^W7Ywug z<#n1F>wfo9oA=*=C84+Ggc!J&GxyUB>v;iO%m!}e$?nodj9kkw_ot%6k4fq1VnDd7 zPj^Ac3^yCz?I`RnosD8fHp+~Poe0%7c@_z}4kPR&+(ly6!Zpq{a3qutG>&wolLB_cCyTyJD9Du=kL|IZ{fP|U>fntac=5{upQ?Sg z2zMj7aSwGP7(}B;#;yz___6jP1$z`xgm@@RV4dHU6v!2ZGnx`&U^a?ObSi6LY-EKh zaPN!vC>@DcZL1BAR7hu|E3DQ6(Awx&oVj%g4C4%a)Xkm3Gb@7A9hq?Ot48|RK57(d z7Qc$=ujS0$Sc@2*=h^jkG|?$$g`RnGf3HLc*$|4F`;L4dOH17NGXv_PyJl}g}b*0U%T=wvEFKaLEN9WZQDv^6J(v743i#n_DB zkKGgKz>U0}`|wvvx6l#FUD)Rg58|HJ3a*2;O1=!2HFI&u2NCpWS#`CO4D!m*RWz>r zcK*RqWQEKzBF;^k6Y!a;ZVWKbS{7n4}2(ojw`c9JZBH4e|biFtGuk3*KPMSxj` z*aiI!*r?#D(VphHsy}(G+Sckj0&R-SQ_kIZQEeDgEJG1r>VLEI`Fd5bY8Tv4DT28? 
zrcV`Abq-mZ1n*x3*Ub3mS`F~eryGd%!8=d)cP$QHgAN;qc5ei&Cv2+pU@a$`p!SV% zixI=G4Y3`nO~Zy?1y`CwxK?1By4LGE2CVmF_=cPjemU3}+8GeEWPrwsh4qL-U=3U+ zb>O||r25pyDeuI$r}L`2;HyV`tw;>K`Ids#dijh8CJmH`Dw1F(|E;eyN9%kF=R6B} z%H7D>RK9{|5V>@(Vx1sWbcU=yt0OX+`oU;Mdq;^_cDUa>(#55=xXEP1CaTwFMnW-%wX2n zZy2hH+2U36qb~0Au2<3k>_|g^2M$&qVL+e-Kg46warCAilLRv(9xLw$!%U16qi6x+ zt^l2?u4x3iM#6-}=y+wQ{v~68kX&~$;`i~%J)>@8TW#@yKAl7ADMqa~LolNQ#V2N%%?69t0XW zK&%{s#?8@gVl^a%3i||~r;gqM1@cz7P9t+W`e;<;`;q{zp;+FxtnIi~pqMwu@_FF~ zF+age@l|#{?`zC&Fk!FtCD$-x&&xMa1aI~+rC}Rl`)FbJZ5Zp31cG6-H z6e{RkChDi!47FpCvq`S?=%`?^sTaquSMhRC$?D+x;T`~L20ni>h-6H4L;dgvfVv?L zAbA&Pb8)D=GHZtJE=ey83z=n>_$ zF~Ph1E~{kC?XO>@0%69b*Q8vP_#OC*k1xT$ta16~N^S!#+=nb8A{5(h&5)A5K+^m6 zKY((L&u9tTgINp@U@8gQgOwz6$qUaY3EP`5AbOA3$)l#;d%$RjBu!`%Y}T)-gZ z@j%K+f=L2Sq4r3EPoe%^x`ULH@Vf+~2mGV#4JwTWB!T6{6DlLaeW^|AQ@#B1&wRxN z|1);}9pRcCF?v-uxAx>EY9Vv~+}j990;BSm43w8Zq=bG1QAR$mB3&Lu$EE(x&N`Bu z8%h41JrIbFeV>AYOX>smq#89CmL5oA&b0thUB(H>M2_q;YfWR*!P-+YWDA)T-qRWqdq150f`|02>iJm>27e9o~PX=3R z%mDXach?S50;J%m8EOZ6kwK-baeI;PxW6VZqyKrp%k+Ox6w45$6i_VSdBysm2o=TK zBLohj!D9>qu*BJptR+8FOo@h)77V<;Zm7anI}v0t}S}m zv9X|=hK7q}i9MQ!+o~EQAYM*QJa$H3m2qJFS`tkX4orzq=Sr<7%fjkfT>P1t-%`U) zVwXYN%#Mc~_5#MH=^)bLEJC<|+>o4DnU;Cr2}<4~#v(F(9&wzok+%NPAfwJ9FJiN+ zGYjp>qO9nUs345js^(kcW@go8sr)6wLCs03tB_}nu!wPoirAB`PiF$DV5M%sJ%LQZ z7O}^MOlt_gkp8<>rIt&t31_W^AzoR*s!V1>;~4~=@zLHT&|&z9P_ajdc@X^6!84?T zqa`y1pT|y`88Z9;@#sMIa_r`%hI~Yz?ZOpT3~MJIE*-aLjbRzsy2Fc$HymqqGo|J_ zKzH2C%ffr0Te3ZcVGX+B52C7?>x-R@&UfF&0GYjHa-?E0d~(ORYp89viS^T^#-@D= zqMPed{*GfDBKEOu=F5f=C?-{jMx_w-{+Pem`K4vUAV+gES~Wk9l~%&3N-L_{u$G*@ zVK$W)`~xemkx-B&c=^J%v%jSYK)FHyumBTai6%u*s+z00QDCV8v+nn^xdG*C_U9*E zPEVWr^V`D1^UnqY<|;x%J|<~SxjPTBVMghB5&mc-74e<_YBonUbQFH|?vo1K{3fd+ z4W?jMAv|{WO<=CskRhd>qGBBwXbdJrTml(azCpallnLJSQkU)QL^InN3`1=%o9NJJ z+Yt!)C}(!)dNJOhTwV){?r!t4c6KI}Xsnzw3V`V^o$;4y+7JA&(tmrAf+PHX}e_i8;Jk*QUQY1J%0ny+0Q)C5J^~8OaE>> zVRH~IP{*0&`|(UL4DRI)VN86Fq<|V)*l+Eo!dP<1&&p{vc`hvw4AF++hUe*A<<&_y 
zXyO53=58CMfKU~!db*QdtsqLnR>354Y=Wg83z1fvgpR;mRl5<}o9+@fDhzi78c;2B zTz{^{{(Vw&BAkBhos11*?ueUNN2USJ!_{#XDvjdcJB8f7M8Ae044E9Wmac-Mm*e;l zyvfgSUJeutWNwDI@Pw_5PcYy6mxqQWvtw=<9n$hdV_nngxoOnDFAYilJ$xKe&&+&P zS9r3t7TJwJyfgyA9J=54&3W-;Onic+T?ZM%nPdcpp{g@xiOoD{b2F*?(%5`Z+$__K zlyH)ZyM&%Phn|w-npUMRWMIhVxEijmxC31!{gq6$(_Gp`oXOY)Rm_h>9nr!1M>zb% zx7Nf#@-{&*QVejrkzTAU6+;@qN7nqA@MQs_Q>>|wu!|Ar0Kl-De*a}kNlKI9C#+vzRGr{E?^2e(+S7*C^IjjlYyrC8Q#DZni%y3uoNS5rPThg zq*L0JxUlehjQe=67KF_i_orcSp$cZt++wF}$q?gwsAfQxGLF71GBH_}Ng?rz;JktBd*g0#^pFA38L`p3w|ORPv_Gtw-VhAjE2r{I&i1aW)R z?8ZyKGV2g6ddh9m;Fp+L zB-*TH;}Im+{?Fz6wm(y1P^I zuU%m-x0VvO?->|T8C6(q=)}6l942&7TBQeAo}GL-E~Q2-j^p4wt_LYw37*(bJ9M;Q zek~s#lRq)dN{u=nb-EadbTvM^iltv1pIgM+d>s~YX!MG1FUFf9NLtR7qTFOrD#cyc z_^U2}T{_4is=_nRoYFHA#Hzx%g#uXm)y}gQwr5i}=NkHmp@! z)iaVEb4VSuaf-TEPe9M;6}HhtF^(~n3PPKblSzbtTljn#w>&QUU{x^>zhE;9j|)pi=c$J}9{T!=poZy&O1W7v;F_Ex7LUdDQ<8JK(e z|2&&3;B#kP9ASMp?=*;OB1_Vcl6+`X0RB{u2wrwo0R@{olw1v@Cyv~50^Jfl5pvFh zYr*YZzMi>;9k=ED72&?L;B(f^8$8*Dk1uLxwQr|$V=<{?osbKX*i{wene$)@>Y=I~ z*GVtZ0jm07L4h{?a9mk#1!Jpnwbi8GmK0edviHuy^GljC!#RHbH&3lFrU&ECR&!i! 
zrTZuaTItd93&D7|GJgF1gXmkEVW@2R2TuOF?hHLn^~WFNodi!0cj^x;;tcTFJ@O{Z z>#sOYHQch0@C&>Ho}W>37^PO1#U?NB%?_KZF$eBf1BRQUst~R>Gs{D&@DU8~6#;Tl zYU^cby(8mH)T1KN7(AhQ9q*qZWCF^37C*t8=8qClvGg*&)(#ifmNb8&US5E_Mxq9$ zR=1diSm5DeWA_15!2!{yIx91p6!tl#5Jz3cHO0*h>)S;1j(yEp z-r>>uq6bUQxy1RFf@)M%O-4N=6OrVmj;6AeAjhGGS$Og)O)Ybzo0LPb_ZB}ttJj#u z!-3RXS3noHq{IDVaOr;Gg*R6ja4expPFcx&#$x+iK zwVTN52*7gT4yGgje%7b8?8)}MGk21sJkz;}!(XG_#}KmR_gZ$$vZ97|WkuE|*67+| z_hLiwQoy3;8R5Yc3{EPl5_OiO#EN0TKr0YknyH}sgrCENd3a^HJuUq-v#nW2JT`a+ z4e2;`;)qniS;P~zu_O@VhsC~0=C%z+CU-h-#Qv3Q{~M+HyYa!#2E0Xhyvb$@M9nQv z0<#42@5@cmj6*Z`uh{TwmD_eTJ1gi)_=~#N&Jmiznx|%@B2tE!Hs$bXt||Sdev86S z3S2GGK5dnP2rNzxIGi@7TdMs_RPFi8b7oZ=I+M89g{b{5S9SC1UyB{GZEWv9zOu=_ zNrR2D%Z9siiPWeGLs=HLXkgFv|D>Q4Zx-!TjxRP2OZe7F|Mt{;8k1_IxySI;Rs$Uz z$RcBfX$!4JgR;{JypSSR`a3m60yJ~NV-nUxTst0rQAxsVBH)iqU z)sRYuH?_H4x=PD*HH?O2AsF$G45eKR~ViMxjiM^a#%}C zm^U${ppsN+@|gE>L_Cm&6K&9fg z$XY--<4q^!o@S8xzMK^;(KRXSODFk@Tua*i9n}PdJ5DOzL@1kC?!X@anNcI@UqE&~ z!&fuiI>atg(<-=+Cm~5wZh2|+i}_sV!VKZ~x#EoN)8YALccCc-2QL57J{-}OzB2)$ zEjR}Uju>wjnP^?#T@TJFoY0nD`T~#wbp#Pq+R`SB%Z8a9iJlU+3lW6L$3rWyOc^HB zX`h|6s8Dva2{Do(ic8|^3%)kqumk_^vT~ZX#7F1 zXhwK}sYviXcWN2%y)*zgr$?L3PZx~xM9*< ztz_}S_U*w0&-JmwilV1lYxJJ@0UUz_e597I4E`03#P*yE1_ePgXLp4}ksC8;VLDm= zCO1-9Fw6ahuqt@EA^GV7Sb)D)2hRX`h0}KzHsEG5w^knJw`I#4i{46i9KpkY@OF`=@X>1rMef4xNE!U= z1ua__Z``?WgV*l!jKDycb&!W!F-&&0%I0{iPZr9LrY?pB$eq?#ITUkFQM)s}^nKmu zxxPNVZm$o5Phb1%yR}%J%}%@4&Id}j*wnWriaiS8IT2WiN8gFUkwm{#@kE6uoEjSLq}t$I=pR=)K6EvfShSuK#HV^#Sg zD5g~+q_#!rXfA^;v5H|5Q8ygowAoH#*HDU?8kN14j_%P@*jXp4Qq9f68K_n z3~q8qq(_E6+V2UdQt?(w`ow4$?gG(g2*JeFIW47J!nS))E1abf0&C=&&DHE&5>HbZ zr)ba}<{=?LWvXnIPu&cN)}rBXD&drqL)a14Mer~lbexKkYRb2{Hero7ADr8Wgj$aa zh=OUvAIbh3Zp4@OPvka<%aI7W<^A814%FM6FxcPsb^3}Jd^Xb7V&P+2_HKM;Bu`(a z`MPtMCA306Iav7Kt_o^mHq}0V?*V~3J91lHZ?6vrcR44(*Btej%0N2XG6+w$f6jcSxhdX}cTl@LA z;gzc^tve@jmjz+x9@9KHCZs*Sx8oFODeMgF(|Ya-UvoG|WH#pZvDz0yf1~JwO?LgF zQ>thf-9#)^P+8Gtp3ap?~$StE%Bj%`X*#j$%>4;=tZ6bGGt7I#^ 
z-)OD!!ZrK@%oZF84VZ+uq%`j}0=5}b3R6PJ@60M{+sN73kebosw6dO+J|DdutuA<- znS8V%me~eY*(OJNS8J}5Pq)am#W<)M#Rjrx96f8b-75;wFHwz<+eWs98|Tmj->pbC z+(0k9?7VfL7)wanM9rxrl36~$EI9?H%d#1jbXzTngs=6ZqG6_gDK4Kw>}!d}nP{iZ{G5j4p!dUUM~M&c~&u+L=Bx^yyrLVt%CzpiFp zNVjGV8VgZcz>r9G&Rb$2p^E270$Jfgc}~@}s1{zUSJNi6t&z4qn8vnI%qfjD@-h>? zrY12=U60&Eyr0l+p3*_rUhURp$7Q*@^brD@q?x2}7mVgA6?SMIZn85jNx|N&qIQ{v zY-DECs|+8bX&^a7(jL~dwl`{S(RiT?kQWb~V|)KE9|} z>?M-~tJB)<9~&k!wGahMH%jNYt1`l*Bz7FL|9oGCuwEZkk6ZmJgG@W&Lop;H8}h2; zWEfcrwM{va&aYE%iX~@DN|~0QR>3%8C*OZZ%=EfseRUJQY;v~5CwuC{2-Hjd-edP+ z?91>iMM#C~$!umov}y~!*pOOvP2 zvCMSRJIwL8g@@TrS1QvsGq@6omFXaEF$b6u(TTkeEQ)tpPDPrD$qo<(eBADS_K{(d z(K9q=kYmzEs5)z&QV+w6ox+j9p5h)ldZb!7ydlzUsJ0qyU7+PR^FD z@dp-AQi(t`4h`hYvLg5prm1hA#DSqxHlyonL;+#jA!WeL>#*Xoyz<&ZSHGvF_DkF) zyP6uhPuY10EnsRnHK@@dGQ$z^)^|S*N38jkJSm!#F`homrnKPW5$d%-LZBFD4 zHT`wX(4oWo?6TWSaEf!Fv-^{GY4c+_o{x{6j^$)2Pi-%MY?ZOG(m)zs?Bu6nF~j&Nku z(HzjnHoK*3BH^@1u3!7s(!O3yF&FsrwpnOpv54cGHp~Wfy&qI{nPE0pd(En_$qtKd z7lFh%8rtN2`OdEtfb$A$b)3I$=+7PdPQM5zHK?q@F6I5yWnD*8b7a2iXa#sA*OZwV zVd~fhd;@llJbh2cHKGDl@%r}oGDEZ)oMnnG2z1$Vx3|rb@zn|G`AYDfc1pya^ZQ7t z?$YkGT5$Yk?X1h%Fo=-B5hw;+(e8Q6v+v&0rdP#S(QZpC14tZEw;JmI5NmurL_TeZ z>{RkXGX`)`c%5RHUnf+>Duo1?Toc^dH}(~dBZ$^xqBh_Lx!4-x-d4^6bM2iluhkq4 zN@*BnHElun#azigTPx?Xa|@(X7P`FbxXJf_c$BAx@yUJ{q=yoMl2f@Q;;h_JVqhMDOqkhh5iN?Sp-_N z1C};Y*l81Xx*Uot?|2Q&=^loecjC9@?)00KwbZ@5cTU6!k5;JabeaSw9*}089LyOF+jQK?K?g85SbgLfziFDhn3cS5&3JiFsygg2c23jKI4y&d3$H~ZeO<9^5_ z%s8e+V97f^*9%=3ZFSi!PZmqDGA#e^H^O`t|(^)6Nv%apK z!|0KN{;7-5Fag@muYoc54L4oAC95dba2A1r2DhNVNtI`Uvw~jKJ&RIfHkmH?XW90z zcrv%O)5Pst&UelT6Jv|1xwBFHzmb>kxL@oSFQQKGIO5Bttl#FH&aCs$=wwgBwUean zmwyA--kKwZVzM7FesE{ZGh%NJKfoG_&McAsg7^%sn<)2aW%9e zPMmRW>gX}C4KqN6bRd~k&PdxY~Azd_Px+ z;=Y_7E_QZL*8by;s5vatv!rG_!34c(+e2~Oy;3K65I0GIR#c!NY_O}YOc%*OjJPNF zc#Jq3b4$JZD4)TwAbnzvn`t7l;M4UugCtXpzxlniYv6hWJVKx6N+sX&#lwPuFp>61 zz;%uvdk4gDQrqz{&bTTWaIeu9cR)JhI&1zf8W+^6AwxWP3=M0H8XV)aK5dE7<( zESzj#Zc|s4={5cI6oYR^V-Cj-Irtvy; 
zqqASHTsCbFOxYAA2qN+;Zx^vWHGCY@y&8Tk$qp||RL7!+Bzq*i+rWLlOOz&V5dKDlCD~mr)kTV4bDOokcIye}FYSq_i4fF$c&)lf;?lwTD+Eg>m zKThn*XV_SRxQ(-tS&5JI&=ePV^|vxFRg2LrHR#O3n;!_Z!0V+e)E@>8Ot6&Hi!`U- z|LU|Pq@Oj((d1dyMVm-uZ^w%EGW%Ru4Z@KhvbUw^(}iH^&O;qbFu>6@%4N`u+o!pZ zO`1t)E|HHQC@*ju6!!9+zT4P(999c=t`puqCu&Tl08_^+zMtPR$$fA8F!!DR9{XZ# zIWE`uw1H|+7vWl5h{_`nPaK)c z7M~)YdxNS55Wu08E3|s;hZlb{o)37lpvVMe zwi|qq&Lk{RQ`~vd0J@6bhRdI4Ry9Lotg|7MmB>2(!oQ?tdlf%TgDOBUuY^wQ*TYVN z9V&amJp!vh1?a1qihnwC6`-%DC3$79&BBGqR_P01q$ydz3&ImYK6%|v7Q!31g&@t~ zFfeC1mhjV5-XY=R3nFws?V2^Sce1nkE}@c2KL$X`Yn;4nXNyHOycnupXV}U<1KX5f zT_|48YXSJ*PHYpK-XLCm3vP|Jxm)F%^(+DR9?; zcj4A~(etbi2o_+*%D1%OV8Z?Zb2j}i=hl%FKg z=`1|mFmToE;AYHkx&pWdL*=uiT4}M~((oLnRBl_fz&C_`Qmn$6zQDi%{2?eIG|{}V z3D?fD^5qPR+U_mh@1P5fFKa9m5fLG+PNpX?LJj4a@40AF4&!0=*Z{shiB@L*kL40|iZ>Pe<|4x@bZwC_lg?x>_4ilxNBO`?a zUhZ$!GUtNIrEh}FECbEIpZ?ua-+!KpP)JJ~f19S&@~<};s(uXDYSHIb&ABA(;Ss@{ z_F7C*<>N&%*Kc_oqzrpW1k$alk3ZwXzYdbBU{Mpji51MGWOpEt{SNCf0COwfi4aSTBB?EUG>a+laIf3PrJtReO)O~nAQu`ah`EOB@%n-JO- zFR@sJrq+7y03AezM+6P0R@L6I-7MGqE`v9Ro%!Qy6_$U9x+byr|E-wH6DSR>x`Fb z#v(!>CA*NO zkO;CBq&Uoapde0Hul7(Qk{o&;8H38tjD-|2uWX=Wf2!M&Fx(=~+}yof29F6S%n90D z&0+0HrwP8W@g??pDgz7aM+Rz+&CVAGqrFw~72F4dF41m+G~D}wzXABPPku{pi%@dK z%fzFf?S%7Yv%TBX^ZWgGoDVyz!khQ1weN7|$+RlyeHJrr)83?`X<{{S`aL`s5fuF=CTAhbz>P(wT z_3*Uwrl$`#v2~D7%8Sv=1txYQ@dp_tPG zG+*Gn)u9#d8L$H6(P+8oZTp5LGC4In7{-mWMAF?iLxbi}?x;LJYlE?>Zc1whTq0s7avvD&O7)f8RZ?l@^DlOS#j%Wp8a`fXGSnf) zudMY4*IjGyUF-X6EiigRJTYsTnT>6Q7Vv3sC5r30R8o4w1To!9ONu{@3XqN2pw2tB|7u1h5ms*hUYV*AG z3NVO`7H+#>M;81`=vh$s44UP4?&58j-x^v>Z z%;1jK)C(R(20c;vQ~e@w@2Fe~ z0Vb0@yn?Q3kAyw0#fcR-LC9H;t8J4jX7^NZRF7{B$yNErPBl0DIVkzc*PLOV@mJ&7 zAHOxE^tJIY2{A=Fb2~zcMeQqh3Tqv|QPSk7Yl@<>ZP?X1#e^b`%_N~`LDIa?=vQR@ zGP`wux-5#HBWYVy@rD5r_2v6&1N=Uja6hPI^B8;6nH(=6g6iM7TB&I>pM0A z!96CYb<1d|r5<~H$|D|JLs%*{(MqX>y%o30mi<3g%QPWP;he$3-_PG~zodYc1}>XW zpy(5~f|MDpnkRI>sB7D?&>P3q3;z|0{OhcW{MX(01v8}H=M&KxDJ`G#r@s{rGa`Ze zo>sbRIR$1z9(`Y|iGc{CLVM?s1{FuPI~ApK5$`QNR)66aq9oZMWIs3khS~obNIc4& 
zBo)q^RYBcLA}OJLFI2bGbu&;<)qVtv!X)!iZ>r&A$BntRG9lJ6ct|Z`w{&Pl7fQ0T{gO~4~{33B~K;x*`_O9_5<2l`{`01pfw;?t)eLF&h(7`#$-|E zw@^kREr>2&%kgOaS$R~t1srhdJ{%*Ydy9dy2CrATlAYhu4Z>$&byckB*`ssli>?C@ zQn;}Sf2_rwnVV|{#ZRt73UM&??+9%{g2#xBXrqA?Ys#v7ToVog}mwP zfAl}_?)SqAefwU_fWP$JxDN&h@As4ZFA)5t@05Q?p)415_^Yh2Jc}*5{WWtsXY}VF zxgP1TzSknEo=EFe6jBW}*fd-3OVYcr$f^c4WUWySx$oUG;yCR{#z2HSe7!RbJ=)l# z782|x40cyT_-L(%mJF6u!(aqZO9Rd-p4mtoVk4JT)M7%xI|hApwAmzlm2*aGr1-Bs z4do!Tle_SYvxXsSce`$<{p1~1xK+BwNKU&`3?TFRSb|mNbew;Yk?<&^HM$t%Q{HB3 z`mr=|4ch826sgggW#5nicNl_R6~F@8I;2#IkZc%X_=8$Y6U}ODQbG5qFgmmCrzpj5 zPq0_J6nD#7a!#_=_F+`6-Fkk9FBd9!BMlz>&+2b{RGDVQF84^sR~xKf=P1Lasi55p zBN)W|07pQ$zmrM+m@tYERj8h&-Wj&?6^Kp2DQ#&GG6IP`#^wl5tOiw;}twNiYNAB@50L^u+j1E#v(rx^wgezt|CY z^;vheb}l0@RD2k#ltuA}?C;_aQCh8`*LYpiQ?wuWR-qm%QE{tv*zgg7{-PO4_?DQL zdx9S$L8)(2d-Y+MZHqcn0Bk2TM5+wmM3Ln)KcI4G2R%~K%K^0azm2Qj8ou1)%j@Z_ z4qLL!mi%%`@l2oP=^Im3-CKv$Kc(1Q(X~f{VtY?6I=vaqX_o4RYp;ki8;xf1W<6Mn zeW$do#TkzokE|Q6o>7YynFP*78Kxt}z|9up`Qogl%V()T^3036&PqC6k8vXv#ue@O zPD(f2&T=9xvP?ZchMY|*k{3pr4C5Sm3Yy5CR4Wo6`vd?47DveE3kss?$e^#Tu-|jf z-XSYl^Ur}G7`$@3PzZR7>VB5BR+`pyERW_@bguryrk4{CUwlNW=44LJfL))f4&7=D zRxJFg0FV3?E>n>?`A#9w0;j_H=Hplidj`;F<|WW(uXYL#vZU>V5UKPbYtc{15ndGq z=Cp&9Ay_0S^2}Vq^CV(88ReNWvcQcO{0N=q`yufGdqtD{;4VLBaN@(owSDG#HzO~b zGjE+0+K8dYB{u;`+|s?~kN89I$URc%c>{Nt$+Jk3g#kY(DQhsb_0ocZiGKeUNw#fg z>WNgQzAno1^}~EsW637(a@5NABm zE#I{{o#C8q)6CR(BFHVp^QaZ3a!xbs7A zLh6Y9@duCB45&_YAUU*)*bJ?Dhs$+8>Nr%OKrrZ8K1vIBCc`G+P=Y=`M;b3Pf|HoF zeGS-2Y{%NsS#eA62-Vy!sc5mIEJC@cSEjA#y9rB`&$8oPRd08KD)8k!ot(WjawEF~ z44-)r3>_@EUqIs>awax^)1asmaP66SWERRmb7-l%??|!JC+5tW*OOSuy8hzm#SSv1 z_Z=@BjKyh<(UM+CF*w`?_Ey1Tc=e{3%}6L-+l+$C4}zv%L8+*xH>6U8HAll{n(W_F z8!3T7*t=8c7z)5a>@D82FYs)e(^Basr;FdeUU$rak(fl2JCy^42$t2D z#&@FiyVU>(Zs&?YwA|DkK-@vmOV@N_dd=Q#Sjm{qSj>)SOxBFW-LxkrO65?HKnri{ zKv)ma)hU2hIjn^TBXM7zNDgJf1ZI z6Q-^pA1Ak3NZ)J=Q+@p3i)@AX?(9ey*Rs;ik9l%>-J|voDqr!F+J0+=q$&DN(#M*j zCHDb!2T6UhKcm7diBN{1dd8+H2yinSj^``m=|MMf*_0vU4d)&QWxh-=q?7bh&B7VI 
zKPZZw>t<{4B$p}+PrrML^t@1Tx%TTLRsztg2siI&4+73b{p2oPk;DD=@^SUB?n1czt_9X5y~J#TAZ=-Ly$i@wBePhA^TD3_W)|$pLat)7n&o6xIF>6Mnj-?Nk zj*JK`YSsgx-%3y36+FB7;AeOu`s2APX*hyn5z*xp@pEZ}SJ?AP6TB9`9zPF|dq5jQ zv|R?h$xm2Z99#CM^}1S3LgOYKUwJISX{|210dw0SF>;0G(ES%{S0asR9H8a>Gb|W| z?Tk9I!@`o!!Td)@urpDIi6@RWQS0ZPpdNzJ>htCUUiO|(`eUVI%)k;@^AomoGr5X@ z*}tv!*ufTip&I_yYm@io?H3j;2BO7UZRIeRW!i-}wJ)C!8=O8P0Qn#-LpP{sXYc*lh;c#Lh6$a1HlFR zFa5VxX_o}XHI8RVwl>3zu#H4k(lIv`k_$Dw<|{-xj2iJ%a&G5A>Twsw!fsWF#J^Tt zjMGQME~nX+?tG+XN5@1+p5w8aN?Bs@F8psdON#j|msJs^&;V;z2u~^;wMbDhs9_n+ z+F5;?zKj|9GaBXKR7E-NUx^(MZ0~WTltemY`1;>9UUm>_j_{6P9{&XGkp9e2ohZecXr5ed+)tHh*?~gR|d!TwK6Wl z^Ln=#tqqOy>oxQiFDJRg*e{3=A+f!-lsH9}J7NQ?*9wafn5=9m#q`)ihHu90lvJ4+ z!sFcGSlmXgcO20~e$)4B`%J1S(IDrtdGT}k6h{FwW&N9|A<9E&pTj)@LDv0D{V4J-8IEK#^MIy1BzF)!$F%>WVqE)tOEXa*OIezokuyI`S~bLHEf&^#TJV?CL@`?Lv>ZK1SHsaiL@QmCx*-R0139b@E0`ynw>cvW&58SNy6cSEyjCF#n5RA9V$>)_F7QfI!X)x}?J}5a1H1~)|zVAS>1OLunU!8?ZZ@oVR zWPFeiyrM{vLX&ux{*pyd379-qJ}{)lS01RUCvfS@Y8o4Lk;rEo8&NJi^*0o+OPE9Z z(vv;&q>yZ`b9J|AJH(sd8QZ|Xoxpnv8?+slLR|c9wOSmV73}sSz6y*kNEWj-h3y$f z7a1mOw3TiP?mR5i^&wM z;4Lp|dROYk!lbYgle^Dst-Dc5=>BlUsXt}M-Xz@YHoCfrnN_W)m2_-ooFum%KqBh} z(P5kVv+FSW)URLw6VYIXCe#@MY`!ewvzkldt%F+p(ALFB}&1dGa_{A-q8n=;!O} zcE7XMFwoo8{YoJGbwH&Hpww@U6C_XJ=KFqXOpSaa`lI)?39)s~$H)5Sw-!(L z)+M}7z_g|X?Bn^i1n$2ehS(hnj90wwXe#E)KLu&oH}4*UX?g)RsuOKh!3qLT?lAeI zp{E&}jImtQ!*fGEKfXRA`B7OmQh+hH6g_GCLp^N>kb0VX zk$LCw8A#H(9bpk#Chb@Lo2`(&0c**XYg)arx#Fn&m{}s7j=|A<-HfnZh|rKk_qMR} zh$)YqIsiV0-X4V?07Td}E}4~cN5)5LO*yMznnY+p6wPr35-H=QEwE0Ntz0ZJQU1E* zN>ZG^v)G8o$iEwOZ>KxGJZ*$EU$t6_;Pt#!4LSw$T;<4#JdcZ?!cg3e0TBB?(NxQ< zPEVWznsx}jlg%h>aULtOQFj9K_a_y5oTLrf&etyCzWo(a-XxalS03p(-`=-gF6imo z_d^WG(X03Oc`@4Blj$$1rsb$u+H$1iFWca_*5nB8-TRR8NeLj@ZtsQNQgEVVt9gb`cFlyFar} zzA=+@22nP`D6Oa9RYxP!PxOUHbZ;<*#|w-uxTmtQK~4a#HAl<%WBJg18|+{z8*LX+ zx^g*MOpuv&*Fqt3nN$`GEw>)6WN?M^Qz{o@jz? 
zD=96FBj_41f|V?1qLKM0IQUrSIQ|VTbB-yC^c*GUUQh3ZtLTuLpQ6=C?JBiI*oD$` zs5!or$BYw4-3-A&A$=o=O{ky_n$HB~^7omGX~?rkr=tn%J5|Mf#p)e(ao`nBp zft?ym0&)ophzhQGyi*KbOT+2{4pmRVqBOAyvL0N8$ONMHK|!q&)%d2`gUd|{Q7NVM zHnTJFCC z+L%>F01F)>)aHt9F0TdsN`n126tvnd0PZdH9>QO!92H+`ux0U0$RBl!x&9ATtB}%i z{HD4}MTaoex6iO(5#zmR=l4%D=5u??(RzE{s0Ufkfa=%5U}=w8Y&H3kUzv8GpOik3 z*69e94~AU^RexEO##g%gFavWLyHq^&f23l(p!W6~ z@ET;^l6kLH#c;ucvK^Frbt5ODd`6xiKHy!hjl>;Mb%VU{LOH%De^SQ>qn*|k5-9kE z!uWkkYgH{#KbM$OM*<@Cjh#FAKyf5`l8X*cjaf@Wce{Zo2`^!XU;Ey|JiDm>CkBAr zU3y6fZ>qusd3Is@16_I}gRp6+cE2NtZWbDJ zZl2P$_Ltm14TJVT_QSJ`SS2T}l$@PDl*ireYnQ*byI-_&*&X@v zbC%KNGf5^gXx^;G$A@pU>Z8uZLHD%&spMZNvXhF<%4}7lJzo^B9J|3w3?Ig4z zr_D+my3X&~;78Nd2HY@BExi2Fk`_A!n4_vu0EYr~0BIBI$v--Z8GbKjcx}2C~$~qFs%8E*W{)|SA@05-4@FZDix#oN^Y@Kq* zLwXBbh=vr|#I#tU0zMV1ooGTmGE7g`p@00^a0~S-a4NK&$j?M_0AlFbZM1pIi;Bgi zxK}Dp-lzfa#*hkPpE-LCdJvnPTh&;pT?E7?=PW6xADHp#pC%JOy+8B~;y1TnMQfK= zj$2QODt1)AIz6EDN9OM`zy~les{L7l){uwynY8s zM{8#+r$YTUON=&+M*qcMMt-VgzW8J52lund$tObpSgQV_3+0 ztgDbV=rVN#3kJ$RJ_l9HJvGUrqw*8~LQy0-U7J~*tk1m4?P7FQW|LAItbg%5X)LWq z{;*OTS$v;3ont66UIhnZLM$U5Z!n7zoNh9UVgM9_3`8U4yRDCX5OJOf#|}FSVsf); z@9RcU7e9Ttsc0WJHA@UCIZsNueDJhJ%&&8(**nmOlVu^nt|4DO+04SC&V(hAbJn0aG{*?Zt z23?Rm{k~Fb)l8O@cfaA(IKDImr@d7)F)=uc@g))cs&N;YKHzgiW2 z<{w8s$#UwD`cHpbG`Rh9cBYYZZcCzeYy5JxZ*M0WA|1b3$pH-nx&O~ zdV?w=RTt5!JtHDd;|Tq3VO=Q0kY@ieEjz{?XJ<4I=7M=9Bw*SMTWS`J-&--6=%^4=Y;f>-L z3_9CD`o~RJTkKJh!`)F$uh&93 z2Lx!!OUdb3(>IqBq)b%XO$Jw&TT9vVksAYJYOi?Lq~&V}*1m>DpMyWXkK{NN@&tpP zKj!|?7s3j|g9Q;Vul1aDsCIy2K59_aM0Bze7U2!|Q$=65Oyj{eohbV_^{1PXjkL+! 
z@DQ2slsI16T6h&m@|)wgl!5H`()Y=qXmMHJDE5r!AScyf_<$jQ`BzHXImQMOH7?jrfkd>%=@ z?Cg`!>In(=*5SbJ9a4tue8I*0Hp;WkdG&&*5qI*5=04##mR>@jqUed)7E^ajG^Hxv zl9mOOpJ?+uum+&2AzK%cu+5-mpF}D=h?l>SEqx~01_C)ynV0@2lDrcB2OP|iE%~3h z137}$;r`>@A9yVQBy2O01MWZ$RJ5;5#X=qnz)c{^e`R@dWJ?0KZ)@t#DA^|g1^=sC z_`fUE>=VH~_-(uPHf24}r#tyBrW`=B*E6fvTe1H>9cA{@K^1K_CSpGa&NAL}Wp;O$ zLf=0o)Cu_sgvpWmGpApdl>Q`cU0biXN8p`BiVhAm{>#w$?jN}5`6lHd{U`hWi8`*K z$xPHcP(_km2-5aXP)3eWh7Z$DFFvY3hFz;l`h!cqJ40VEkcaw`&rqmqQ#gx=_0!&) zeT43B1sjy~P&BFwyOPW&xsx?tOa8rtaEir%58J>m!%WMZk4^ZR?qq83`L1A%IpX#v z&*AjxwpFP3`jq$bPGs?bziOy=*lCb@{0UT#3HM?*R*R$^@|b_MB%7PkurX!e;Npgx z;(1@kPerNX-5fH=!RNO*NtjB=vId>m>g&;cgocEO&505l*HY1^pN^@7O`_=STdW zcO4QxD=LEidAR7HHk$WnUvW3;8}Xik-YjzN{aTE z4`=wXl z^V&{ioKUR-3f{kXAbP65cs(ieaUf;R&&ba=so*KtPN^pRFS*db%98Tn*qoJiM&=DJD4%p}Ew+MA60;p8i+g`H0@4+)c1Y3G{hrA8Tea zOV|BqIZ#28lbhu z>ZTRM`%g^o9J;?}k&3`MrHL52`}@y}o3)_6e;;o(YnjeK0$p}YA0xz!Y2Cw^h*Uij z2NP2nPDt_ydbc@ArW;KbhOiU~XE?;PD9hH;c|$6vp&k=}hy`z64judn}8*nC$3NnI%aDLenRjMsg+yPsXsG%`KF`zg9dckzLIm$Mi# zeqoW+KD!04OD-nDqu`M)!*(<(&|sO6FTn3zioy-N%^(lm+1Q)WrU<4~A<6DkY+Zk{ zbizNttA7<+?B27JT4px9HvXh?59atLeHsoxnB3N)>qxZW&^@J}JeO`bPyewBgq~IU=DiU|ed^ouEHIfCe8X837A%mzhfY^VOQ_~#i*gv%5Ntrfo9`zjHcbD)1;)yHXr zt{)rNES}rdQn@wE^czslg+$PxsVQxMaw`l1OmbxnavH^r3F;`}c_q!j8np#Tq4hxS z9^eGWn5M8G8?PL+g~|S0@bAH3wZ>v35tlT=5P-oe%|M3fs0%uTgokq*lQ*wo6yRIRJ zm;MpqzPM44MweqCyx}|rO^+X?j?z?&Gkt@`DAl03y*-=m{@=Z3(h<8`@whiaFLWKf zeROv0R{QR7O5$+apeb3i*bqCJ82X9@{lHqeA{^^RU6WLn{wdR)1GKD@pPy82-Fnj= zRiAr1v9w;lb}c?7!=7++~q4F}?77?c;>>mf4o-mF> zGf$B;sp;FStgmCqDziP81^+*UL#|FqAVlvp3(p7>Yg=7x!aL+{pMs&X?#tUr3z0nN zH!)V)V9BFjl9Eho{9(&6ETBTvS-w!3h$j?;!6n`h1kdrG-f~+%;@;r}5qefcLNR~M zBBTyMFl6VxPR!=!LZW}9@4rkpnJuKpi6ei! 
zMb3fl^0IRu026&I7irs9(<*(`Ys`$nh5I`$)Mnd@ME%)%;0~dVUT`d+!+`$1d2y+d zm$80|rICCCoXRgCU^jqp8ZWhNdjBT;#J*mGp+PL@dc&Xcn2{GgG)5WAxSDYVoDD}U2BB%nF^Di zfg{+*F-i;5t7ZsCfE8OUH5v7S5>9Yhj+(I<5=LVd8aO}Oqpl82<}I-HXlkiwCWP*A z^r=k`tU=!02VZCt0R1YwQh60UmiiB2^l;7eS_PDJkFXrM4Ek*GP_4AmkPOnGIFilwsXD@Z60%?%GH zmutwkxNEz@qGiRd?+IcU11K&)xb>m6*3)<^G!_T0VbpF@7Ow-|?6a-0bIz;pg>91jj! zUkWb;O{)%Fh(B7G`k$cI3x^se#AtYskV%qg>1=d++HdF*SHij}F?#vDpmE8^FjFklehlw6E|;4Eb6qUVJ<hnmE>G67bzb`oXO`!(!3*?8=HU=Ru-n3M}=?ZX-gX%CUS zrZ;7^&%;uSSfFy2_=ArA%vNlr~s#Q&;JETimg&`f)7<&6JT2nJTyNOL5o7d*AWu45A=prJpe!!6d z9!N$JuCDGjEWQJTqA#2)8;XOK05fngFb0|8pnkn=N+6^MZP*>ga(>j^(VaOITG4f% z@RwB91as(`!?`8Swk_CGxzz7q7j~|P+?c)WEX5F7;7WXqo@Z-o2F#PTv2fv^l}m=B z(Mr?BS+_l5;?mkRz0n#H7cS`(1poA?r|7*aw|#7H`yc({_k`)>poE7zq3sYIe(UT)JTdIkr*dYmP+A4e|XLPyWO+sU+4gl zO4f0#HkU`}{|SvQ+a>?O`A&SFx_^ZLc@*Fco*(4Ne^ZTO&D+EO@a(7uJg%*I z=6vwe(ZCkiqF}9xQ2a^nlQ{1sNQm7~#$dUDdB*uq%$=)Nr)1qpQvJpUp{|m$k1{~P zGnc5CW8-*CztVEOk*4|i5~r2sgrlb~c@J3TOV3m-r?u0BqapvKN$wO)2vctxsR=Aw zC7vp8pBN87j5%IAL5H6_xGvq0-UXDDi$E)qe)o-tt+O;5tcM{4838Xdj!qIie%zN|y{CdHpvhL? z5}Hycn<-AE#8O%fYCjT3613g~|32}myjKFtm3fdPKbY6tWp8*U>$#--Bv7xD9&$}? 
zry7|-yTR>~auFM;PnI}!7LY7u7e})pk&vCB8%@VPCNYUDB2%#d)Jp&^r9oMe2 z4tRJj3A}64`nP|x|1UwIlY>KNSBw(O8y4o|QVjoCQfiCqhnq5YxK=aT874ak!54ZlmQ)L+-X70F%;|~hn5AjFblepuTYaS7G~+ex zryM~@t)nW2?hA%WbgS06W@`R(NHnzqw^4Ns;0;n)nAqLo1KvBGF2gyWu}X4W&Bls;T^Xu7l{e?`;3xk4E13qtM3bx*By>rUz8pOZN&QUYh?v zVX!rhdZPFSiBN6wo~zd8bQcw&8+Mqa(zTn=INk+PHUocmSWz&sn`zO_OR8wuu zY|*+vomzBInR}lFFg=(bUvPi!SF&a_nRzAsv|`s4Xd#M#w7Vslb3nPe*{_FwvG=Y( zV1WVawSVz2{4w{OQxBphKZUNbyX4WzE;ScVl@Udto#LHw`goR`Fuc6v#o;ZIpNz1J z-C=GZq@aTd-S-4}L0lr8e;q^7hzBHV#AK>eZo=gwrzu5V*NQO>3}zWv)EzBC-H-xT z@RH>dS}vh>COpqr7akv3vrXa?iGM1ZX{fuKUKTOsf1`4`?F8TLnkW zS~hy%`|^#95FeFFJ#M@CIYn2kl_XC~*1VQ;Fh4W)>&vHSa)#YaZE{<7ydTzAMqM&3 z4a_*)W0&P*sc3AmFs*gS{oems*Vuxt-Z?-~Ak#Fdn6_{mwt}l6tGd8EX*WC6@ zY~ur>zML#&-ZP1?yM(r{?$@Zsbis|Pnp^E1y=mjIZVUzkNcmf~G3hjGS`t;uVGLH2 zi09gcgBGx+4sLb6A?#z#DnScUOIesmyR29sB2=-u;_QwQTFrS~(Q4x`ks!FTah&$g zhE*G|JRoO0gwcjbwxHGIm}a<^IbQ&48wTEiQt8hPY80!c%ZBId%-h8NaA8FA2IT6W zfB#?867DqkzTR#;4Y21X=-CCZbB3 zu^G8+8zc{%JI%nLdFUN&#ZmPH$M;jU8>vdCuN!JfB5{wdVwU+hP#COh0VK6T(Mx?ZQb5@2VVOndF`FmJGQvZcwTq7ZBSbJij0<<5M6TA zxgv7S>)Pnho|qnrIq|xqGMh62$)gmUqAi}J4=NUm#@A9S6ntG4Y|R8Z4W?GL0n7W- zIwyfYR;<=0QeU=n}Sw)<0`C0AwL+_U#p+gPwSsnr$6*iJz4Xj;MVhR|GVa*sUb(FsZ>wS zfOlA*{bbMB>8d?%r)%%u%KyDO{qyPWkqcQ!vZ>is#TNWyMDN$O4SbuF@b&J3S8T}@ zpe6(0(29z@=!Z93$f_-;Y!q8G1)#`d-2TG&`rg0$21{nNy7+N}p@jR2*ZndMUJ9dA zCKnZtudBu(G}A^{hdx(C)!IaZ#F)N7iD@}tBAM_X&)xyoHlZGbw7)(x@Bn73;f+^6^t~`TjSpg?|2>??36K>*9UD?$Pc(i(?6R3 z>fiq92h6j#YXIpR{-A$2V|8}soBn5Jsn5D}`osw?=&}FwaY(@*G|3XYM18ur>VoFS znWNKiXeEnW5hzuKxUQu}XkAx)4#%wD`<}`5x?5jo`Z}32zlEykvM_qu42<*{EJA(j zyH101ymo0pR8!jPv>;3Ue5VU!xCxb4PXzu~ZC;XVxpp~MdV7>{n$}*s@j-WZwgPYs z$g;fGgjc*o3zXK5C`85dpZ(hVAszC2L7pR@%X@G$eR=uH1$FhaUtGhok2zw~S)q)5NDZsE8@vlyn~=@c3hO(feX$y@3!-9U=9k=;x6@{8*i~d(O7=T!;??*u zOTnCum%w15YO=15-Se37rYQ$}3o5q$!m#-33Tnb z@f!u%&PMtKZ}eg5oW)QAq?QG;s_jydIaMrghkmlfC8yx_ffugmV3QvqO&=g41!3ii ztyx8j?x0L9ig!}huekyh_6WXzbPkp7 zgPkaMGV0tDt)DBv^TR>YXz%nr!Xu`ePpZV%lI6?fw)+l}WnfP4mDU2g?IT-IjlQ<| 
zBYNiV*)2ba6Edo~potXGI_{6$v(sR>f9}I&9k9k531=XIIWBj*>a?r?hM;T6CZw2F za*){@#VV|uhfMpO3&^w_!;2SNHPPB~(y-Ofgla0bn;&V0_5Sh|c}7kkI~iDHL3x2$ z5_AySYAa=RVF}ONwMt}VOZ$aH8D(3h4aOzxrSEcfl21dR9o62aA=)}??^c_!N(R?z zEKxSSe>B9ra*c8%XacUUXfX{);nKx2?}TwQiWMJ|U5Nw-I)_lIe_-`k(VCHk;SG#+Cu`V+hD zr<>pnP5`dl)}dDb@}0Krw-G zcIf5)%Z*3vY9 zvry6$CdEV^uF@=Ny_%4U6^LGG+?lti?qhFY`#Q@fX1D>OHtolZ#uiCCpDS|o zja}$LWB#!v(GkAe?I$|>Z@I`#X-nb+t$|?l5bL|JCx}+;1^HeOH$gIOStmfYP4G%# zop-3U#4!FKwBD=kSexJS-_{EP6yFQr3q97UHmi0i*p(S>4HezlaQ+YG3+yE%J!d(1 zUQ%??a~Es^_qy^`&=zISST%Zuhi$d4k~o3gHn|q02Ur6$g*W8O%U2;6v32*IaIYcm zDFzNPBCuxbIr;!qJe9Dg7S!e5Harh>e;(9kI|{gvUV@2R(~7mRGAcG>w9e2Rhh`I) zduWbWkOU!D*BpHU39^I_O}_T4HMq!%CbvW5nD_a!T64kF$rRAscuG$=!A@;dRu5Ht zbc1^MO$g?BF<%$o%`GjLARgFOP*R|%3<5EYFy3;H%E`9kW98*g$Oro(TW?iC8}An{>;-jEX|AVA{& zyj|Zb$bvzdqdg{tHbeKdiI!_cUseoCduVZ8hB}jXd+NTvKJPvVa>?Y9Gx$59xd|(V zbZ0hSNqI|7dYYel$&`vO)tTYZsUCF*J%tMZiQEPCv;)iB$YD86KFvJX?b$rroivCm z*s2HFEW6v#UsYs3k*%;*W%X9mTK&zy6t`CeE&m5i%-GFZO-h{2SM3u%@)uuppqPUt ztprse7vDODo;-%ApRcr4U;U$Jtc64yke@TMl0sIP4WjKuDS+MJBttn29ta~U zz3DkDm{6&Pt%+F_bP4@BupynF8-TzGp!9oRj+v`1G(2ENC=@O>7G^4VAQ9nQ&vh|a zA4xFH?O6G~A@E(S=pAb_@SJY!Z*hPoiq@01vA#*0*K7%tDOvN6dSpJ!WGRbkTg~@B zcse8GvNggWjWcb?9#p)5N8YgdURJlb9KPe!S`w_7p@zx3wy}Ik-Wa}NlJ!Y``PdQ55k_4y>x&la`^`SXv$&FvrIN3rPB6# z=YhT}rTeX(5gYfh$6r^KT(f$`8Z}Tw8OjP?#lS6&ufICigX?7TZX5e(*5s@#_ZCXol-xabjX;Igk+!Ki}79B2jt%VS7pa?MC1 z1k<9KR+|}lwLAEMcbISunA3ZT7PKm6@Yqo|Fjw~zN+Ox=(ku(EI z@gEtK(hYB2q$y`=JI=&LoLxq7!?Pk7yOFe2h!7pM3=`M@>-aKJ1FncY$u9N$#zIIG z_Jvy43#suX;9$&6+0h!d)iKG9SEJk5-W&Lx08Mi;+~DqQ1j{eNL}g&k>U(C|GG5zt z3LO@Ag@TvFmT;+Ntryaa-XKkA0n~Au#Ujh4%y*8Q;DvwY+C*)Ko*hU@L_$OXCmJzx?(pJ01wdCw|hv|2U6{Mum&0f7>v z@ca)G!s`L>k1v^E70)N>ch)$<`6U}1*4#?FfnN(5;oTYgKG)f$4cR2&(?DW5m&#M3W`M> zWXOk?6T)X~W`BaOhCOizYp7?v#1=TfL@oda!}pEKG^#)R5jqFcHT%=_k46v0(naHk z{$cC4c!dRs!WdkyfFCRX3@)Gg0b?iVADLk2uCc0y_?p^NV+;OCqR!ai~Z?mS%609LjMK49x|Q_`=8vR#vh z^ZAXC^=|?emp@SZpth6mB)4GZ0IvwCMl5%=QX8`7s;0L=4Do9tqT1zD=yQWUJ)Jgy 
z?HjH>ybSX`nmHy)1jS3Ftk~2R0_p|i3a--HlgA+*b!#?pY`vnGQHLmOu0s|cF^5DH zR*&thwE%QKz(%VXc_XVez;b~IFbeu`$^gN$dliKXlY7?KJ^{DQPI1jY=j z-IUBLdCP=D7u!X3YI`}LSJqUEh7_K*1yK$h^K}cgYZ28xyxi>r8jgG*DBkx1ATqS3 zIzg|k3BL(m1d^8$JHQOWv-+Pd;4*btF9sA7@dG@dQaGy-X-O@PTb&v@i#6%8x zCkWbsdlYLY07*K=Gw(tp0PFk@M0Cp=K+|kRWlDE|NN0Lfrbl%(aV{(an`s5pRbR8H zc*_=Wlk>{O7olA#E^i}{g}VzKp@>OKtZoaB%{`<=oAW)~*kDT9)|d+J-YJ@mQxbOu zY?AP_)0iAy4809s%RK(oZS~iC)H1&H{VA{?@e5I^gsdHEbhp>Xir($7W45iutS0#@ z9MBYAH+>#zb&a1$GpqKK*jUB?@-Ti``_U2zRl%`)(>~c|C-@pI9`?dXv2H5*^P3%w=%n{-oMM;YSOX#A>*HEO zuD~N@ah*NLOubMhwJc@hSH8a;B4LPK1m+e9SZ6#4cAr4eYFAkMEqW6px^GM%ieoaJ zu)w`8Hn@ndJVx;>y9AotSdser_1MjgwFT}kc?f~o|Fm@8u?1$pc7C-(J%OfszduU2 zN;{-yE-f)_?wwL~)2rIYuHh=BH%$AfcSh7=M)<4feP^)0Z~IBV2ncxTc%Yzt`_s*` zzPiLLX5)Osq+WY-CjnBnAH-j9DmE^!|AxfQJKazBGzSNXK0kcPM^nVR?`PbBGp;F7*S>h>W}G_l7H!-84YvWY%8(0tgjbud z0&x`g^#Pqn3r~B}aZ8PYq80UoZ846ytw!MvSEydWKqr{#CZw2#n{KxsLjqu^6e2xh z6Gyb*L5j2^4d!v#k9&P9xX6hB1gy%=8$xLV#zn#_kciVBe3yV1mbHotj}@-DRd$(q z&|#f9SDTeCU4fm*egshynZot~kUCHlt=r0MsRSJ`N7(Ce%HuBHPsK164T*h?$gnns zC$WT?=Z?Y-z5@fz!xxwYm1Ig1W9d7_m|zJ@PoAH_?CggL-2TjIc6(2&TtVt2t@)hm zDNazA@)aL(d|W4`k=YLy+nS#@U2@{B&5lNxVoO*})MoQ_rr&M;pqE;T6g>s^ZS7j_ zce~S~l43RhPfp_9wW~e$EKmDmlCp{$(m#7o3&O!BP`tsYDCCb#JDI8$)_RLQIXlrO z_MR1m{_n%2t(x`C8}r8$q#qea9-?j~&^^g3iM{eQ0BS&$zu%s2&)aqu0=Pg!HAS?J=m=W zyS4lIceYzS&1TOjI<2VdWb-Dw=MnX)eL;_ zw|-gCV8w?2G4>#Dy93x$ZzfTX9x)br0wgf?o<3G4wypo3L8Hqw$2#%ZXGX3Wni$>b zl3ZquYa5VA6&r2VlozVK^KSZY*+i1zdu^-}oZxbLciVrY*C)`rYx~pn+4#LLT!OQo zzZq-L(i!kT01=vLWb%%gRP>9FB^BD1|AO+O8B7uPKb9@ppa&F7sZLCNR9wvoX|uiS zwiHp*#8kg}MTOSP@3?GIR={MtHZ^Jph;%V$WW|>&OD>}&&3KKeAyuAgpo11t)4EZu z`UtuQ1mPbsNb7d|v9-idPq*#Q_#SVG!oq_#iT8X zU^41H$4}yQ?T;tfS3V{i1wUiE>urBV%w}Boz3oq^8{hV4OvkjHXTvo=-A`%-Q2$e- z*z6Om*yw)ts^8fDjPCxIYIgPX2>ivm0d9Xr9`bOv!0pfBEc|<%g{1C;4>=7(-3n7_ z4)iqa?_QYdj7jcsn3j-6fT@#v9wt)! 
z8J}eIOU*l4g{y#-O#VS!ha0DJgPMHdx-afyMsAbncEW=tNaP>4c)srdQ_efy1e)aA z(4X@+uTp(i`&(S+W}o|ppDs5Dp)Ca;;a=IOC7>g2CIb!P251VR*?~HuSc`-*^Oj+F zAL&1(QFqG*x?=TzI?Jm^X*}e(&iWU&ka(1-qBZ)C0ia{-lLz+0~*Q*UGqzj^Y-#;NSR z)TYyyaV|lnB|uS(8bdn{mp$#akSlU2h^)*yjdmZnR%Ci;HdyNA;|wAl50muAX0}aM zon3pRVVWU=TP)oyw;zZTK{lEz=c0ONXw8;9BWqSInO29h)fgrlCG*Yv_TkI%?udQd zDYq<@_S9|rr{R7972+ExE_`}pZuAcBYCAYoRCLx9I*I;&`f3Ko|NoPXH(se3IVXyX zWx;$3HZbA6ERm=ljW!bg+3-7BFsu`%f-uzc0p?>%UrRmT_baJTXK-%Iqg%E)n(WAt zqf2p=O4X(pc4UUrd>||82>upm$>NpT7cWZ$!8gwsNbC4|5%Xv6?zhpw^3N_%&Cq9r%5nWQ!+3TBtbY`v%9Z0N0S zLtS48f_oT9nVB|nU(z)zUQ*Q$bnuwl3R%5Vy)6&h*f=&yXLBzMPStA*744K(2OeFq zg54ojPhjDwaI|ce#qgDt=6v(OS;Cj|K6X^{ZMh}mJir+Aurvn12YR__yCT$E#D27a zqg6(ST;!h)>Og}OtM%Pwkq}~2lCn_P*;yJ~#ER7wXLpRyYR>D50<0tME8KuFv(|Q2 z0_Q&@WN4~wJ2G3BVwASE%=uyy*ScI4%~(i8k0rwTbfQI5Bv|V|BX_+abyJxBqFON)z=nK$!N`%veG}Es7#h-FG15dbz2gl{F-h|Qj%3sOr{+mh{A2% z!gVO~20%8ClOD+nxOb1j2JvjI?mo2%TKc{a{GSbLd+WHA?bw7bJrk;n9@Qo;5?a(N z*(_IBFq@iiyQZcLi%@$X0{%2yg;+|1Rbj1qMN2J}D;`g+24lOU`OaLW19sKp#Rilr zk(&@Q&McaS$aA(XWevs?u&f_u^-#<0MV@dH>}5WdyEt@kS#VaVU%`&1Fk0lmCvamJ zj%y2`Ut2l8rfs2}vK6gpR#lGr8 zwu;aU<6b49T1DQ_DN;>Dw2BUT7pWBR>M28es@gm>WHzX6d6>Sy9iD(og;$p)Q8>_ zTZ$02(;#wF^dtmvod!^wQYIh6blO5}iWwPkJf|JBrkFYr!EzeVkYf5)0LN(nr70#? 
z1~8n`5Sk*yck!Fj(3xV=#RKpegUl4$GNkwvs7z0R$n*qgOe2w)JiR|^hsIHu9<*u0 z2u!>9N=d>shQ2fg<{=$<$rZ+rvXLGSb!l(JrGuSyu(J+!R_a(2ag3e@!)OG4(P#+r zbnK$^4Cf@=qAns)0@Vm+Q4bnX0?`m&Q7;lv0?h%eq9;Yy`?vNhBq9wx5z5dLAq!=M6-nqxP=rPy2$6Y8SxGW_PzM(%fp8jf zP!|&@f$W1&gOY2Ro&qiCK}bPk3rfcz1f`+_C8A^FCjlAAqWvV(jH3c|k$#d1KL#Su z$daisrEAH!IeV1lq?MmN1oY^I|49C-X+i^m@esb>^QkHz0fu{DzrdOYl%6wNS-&NGa=lR$n4ndj3z*{NMr zlW=zSz}Sfg*v8}Qq-(0bPY{SI7c*I;jQH`&k(ggd7j~CP^WUq2uhJ-Xu|d z7&6XSBW465PC6RSxMd^|_!x_XGa5c&ECNm{`b`JXCV9ex$Tz!aHpw&}2lZz3!j40` zNk+OE2?s@DC^sIwLpoayBiwAiE1Bj1x=lY~O)}L!WSd^Jnq-O(LbVx*XtM{J%{XM2 zajt+g1e;OlHBaO=7=>7~ui-LkcgCXB82p)pVI(5d>|)QPOfia1vyD5G7Mu$q)AVA_ zB#`Y#rFoD#_1N0<{^_aX@MT70%XE-q(&9V6Fs@AE;Y-Dn*#k=^ez}dpk+CQ-5t{`1NgX;wG1Fl4blF+FtNvJr!-wiWHiH2F8JVx$=OY*8$p039I7l{?Oj zJIaOo$+~YJE$x&G&((4>o8n^hM*T0Y+7j=Sw$gT?{@KWyPK>VxhKLC%SPZkXE>Ygk zVd9;Dv-0A^i}5sVW+|&DeY9yI1+#AeHz`ah=2xXf)}U(!N42}QURn*TYkZiH-UFQo zd-)Soa`PQigA+|p!g`dx9fy?dvXV<}g}}m_vL58D2wi)d+Bu?4L<=G-KTD}zdB_3L zB}H1Zlmr%+o)RG%OzpDCD=C^#)GV>XKU@g^f)|2!Ry&%fk+P{dhQa8$p2ZL&K0#32XHYRi~n;J|YFjdRD7y|B?2und# zeO1XhyWwfMVx6gWo_4hZ`rr2eMlnxqCJa>;W`$BbZD_*1AUUnsRKM`CorHR3Hm=!Y@zyeBxkk3@r7DDIIxus544u%3_ccL3i-W>Tnl{zn zuj&a|(`?0sxkpq@1umfpT|ppp$?pu^5n7FS z2A_~o<7;Sdha|$oH;BC>9(~JW{;565!k5SLQTY0~*_4ULNAuww#Cz|omo!XzmPmWV z5~K#jrfF3MsIVqEdy*p!F=tP?qH2uu7QR2^yTm^Z?Zl&aoGW`2qYS+zz1qhR98}qx z3F{m9kE}HtV+Zh^Ppvh*$$Vq;&Y;INI3%1^8aItIxh@Na*>N5EMlpo=w3U$ajrm&4 z;%uR_WJRtn_$x0d(Zww_-5(4>_zyE;@x%4@KGCx*6h21qBG=DmzZ;%-3D>sfF@PA#?Y=z}(=1l-j&@VIfe%BVC7|~roVXk;t zF!DziR-drNf@SreNaL#T;rm1E?LymswEy~3AOFNGCw%LWSnQ%+!&j{qYUcsdLn?Yf zV9Yae5kw?GMFCC<900ZEPY61+5r)Bd_(=GzFWGD~JuYzX3`0MqYemSut$H0wFAZntdH_8T)ff{3#-NYXKnO|!xTssC-u z=GJpAaBxOvmF-&xiQ1G3k;C9%So@|w49(!aFLC&IW}gCS|PBI6?8E<$t4LjRbY2Kt50X-|7Dc~wi9egYkuc4 zm#hb{HZ4r3BG1SPJT^Se^_u0J)~wi^+Po3W5gB3->s8^R{_o!fnJDC7hao3%&IgO+ z)2tDq7|mZwq3Q}Gz}^ZI(jy88LV1LtxVHi|Fhmc5<@Pz3Ysv?W))aU9m@1d2sc(6V%9ey! 
z$kSA_jILv`H7ZfM<0@FvBP&T&D^F9eGNw{xgfA|=I_0VAQbtsyr1uTpyB1|k2f)Po zlc%UWNv}CcZ$g_=ZPHeeBv4GKGuf&iNjV3D6(;*ujwIKNjQ8>Ok-%XIUm0J=(QePz0ql|v z)4c9HVs)3=XprrNjlI#}t`6GipmstLHd?@_)obD8dOeujK!gg14G%l>tb$!gdE1nB zOI`m$E;6|`D!1uLrny1}Z2w!fnWEi?-*0ynanL(fK|ArF=8eFga?!Rm8M73FWG#}Y zKg$_`y#f^~m*Tj_ciKa0zdA^>T_`saLh!MWJn(@j($*ei9(?;O}= zS+R`eu7(cJF}I*|__ARM#_JimtdEZsxI|4&BIt20M$+Q5KL_4^W*p|jm%o9r8Y*=1 zywab4wzpS$?M`r#$UkaNycYwdJyOaFl)?GsR&cmBU&GP}g+S0bN<5D+s%#xe)y{K5 zu4L{!vjknU!z3$4Yel|4>dK4nk093IRBeMO-WGm@(Bkc}C|RX95fl$$8hP$1l{@RR zwGL2w0k{uK2$NJhD-sS9A>*#7f?^R2Hc8>hml-)n##ay{x({^|i|q5@o>`eNEc5R{ z7qs6aYYA|Ynv4-dSNb-A=%=={9Qy_G8r_i?&DS39Pxm@5ef=%>Q z6KIOC2wI5PuSV~PYWqlTDGyzQVy&0c2`SjjyC;|8O6J`FTv~gO4(d8NvHxh3 z6i)}yh#%)p7BXk&3+Pz9xsnCX(sFH%-t0W*-O(#~Pwp8mJFwp1{I4Jy>JQ>f|KNBF z8&2D+&SAI!%1&hOLWPY4!9H z4E`7UQg`kG=z^I$`5k)c_rrH0c-h@W>t8o;$8dD*b<<|_Ut!q-3bp2d+17cQ7VM4{ z?jYE-TaU>@hgfsirJknZQXq?kj@hE1%fYh}^>FBwy@Bxi*hAny6*>a&ieWi`=|n+x z?`7){^LXrzoTH_?Y-;ni36vZ!&4s9c#d7>&&_`yP8*cjpwa!MpjFCx)Plvq`-2-A5 zB7yaXNq#T(W%J=<17q2X&xc)6m=E-`^10=uuM=}BZ`$u$C($i~`xkZ#eVa3wg9@WR zLT5pXAZm0lu3YFG8`)>H@U>J68X8zcyg+TA2(6sBBo*>)OMx(&tuXl)U+|~lgQK_g zXx?PEthVuuY6IOoo0`mNL7`{PPX0##0u^446k$||Lqw?cl))>#EJA2RDWI><@G!lJ zo)=0^w79W^cb#$Y3jFu5RRhL~xfB_zUDdpc$(ViLy7+0JbIZ11oe?%$La=v>wT`+- zEi0*NLD%eP*kFWJ)trYX(Rv*Xg0QzbB8OJ1-U~w(!;yQkJ0h)49!>DAKN_e8@2vr4 zv@@E^y3cd7?|I(wPo+82cg?o$%>`Ld)SS~{2nsFt`2wJvB{RJz(R+o*aXYt7t3w^T zaFFteRewp%io!smShF0=&sw(jHwVgH&)o2S^bquknb?|bBxoCqOoFX#mi$g%gh>uQ zbcU{2QId+~O#s^k1_`(Qx$h0YMk_`#lB3Q>9wE~9@FDM9+I#`>4U}QNAncA+8&XQ8 zKy-kJr%LgqScjs{3!5N0# z2Z{QI{}ueN^~&4-UM_n4B!QT_nN#PaBs%VcF@?{-kN){->(?irpM7@r{6x?Bvr|2L z&olqo^!X_Xl*Dx?nwc@x@y%Zf)4uRtR=LRnHk&v|R?p0JhvI8{-@@_pPVBt|aRVU* zUX$OfWyO9o%=C`VpznOh^&Jtxp^TcTbqDtTtqxvC(_PWt^Q}FznN1~IBzM_Xxp}+h zWpDRYUUARP_&i8xP$jm@CwbtLRYg)5KQ(UtewIx$= z-g#-;%TwELJv8Tx(6VGAN0$^bd5472NNH~|VxLaqT5j3)yE*D?=;_u|HmIK0CCgkp z;T=M0x#HeXy?{C;&?Q347^rLc&^D|e&>AD{jbgd3@VYBnuadMD{Y49OX8hx(wi6mx 
zTC23vTQ8Icu*Q_{86mG5RfAGtNRs0hgODy!l?*3U$&xOCTa)It{ZN~Pjtbe@oQ4W8 zQQ%vlR2G}DqqS(wpx#n-x{}}14WX56gh_x1sPU%S=JnP<-*}*9v#pM5+BOd53_PDb zf428BhZ>V@6_#?f-H7as0n4>KzV|4!*6>yoX~y(xQ)5tB%uh&-s2VoGU)@){W(fsV zCkt9AMr1`A;Y8JGw?YoS5}wvv%7P7OimI9KeJ;%b1SV{crDMV4Va2E07SlhX{?v|+ z$O(S)SdmJ~`gHH@Gt<2ISf-VvK;^s^`en+ThjpBGEdq1?iwXKEzUBq3icLtryT+M- zmc+yzuO#T~T5bkF_Y`El56fEgTNsP0f8qKl7N#xWEGGd9(9jcHuZkd zQ9h#0w|W@#a$$S;O-w#D#;&+>UkZ|(Z|vK(1ooH^QgqFq&T@8lrgHjx0z)tz$Rh{J zpC?u1==sr%Tw6_O;?LWCFGz7AD>o2u^FKQxC$fSOWmJ%Y(L3Y(MM1N{y!_Ka&k#vW z!XQbB7$m`(AU$2_@d;bBUo|G?ypUDKEao13CAd0@)gVl`=(sU{Rsm0vEED3isLNOB z>tvq*Qx%XA$>l36;61dzoU7a5LfK1Kuav%tPtMo$M=8j~U#`utPJf|A3re0?;osD) zX;8xsR8i3%n~G_@BuUY6-`-Yk^zX?lT2s_dPE}0pJl&NqK-ik%8D> z#yZY)dChysitMlS2w&pwq0_|+@u+mQh-EeFq)uP2 zs1~GT-4r!112Jr3Sza?3WZ=7I6*L395kg)u47=wqY%Oq<1A$$8iM@t6LvExi!LUOP zOdh9rf(}XH9;0`Z7j(`GUT?I1a60QWY*w%g50*xwRUW7D?07rLiT>Lecu`NWvr<&= zS+QzIVX_YnDn$>}U*dPMmAJt#ynlE3pu1X2lJvV;f4ldthCf`h>W*hDVlbFU+|ymx z`!iGiugXkXbAktpsMgBa;S#lJij4BXCodoD;qW!v z1`|wmW?CI6h6m`EJdMAw-xh-l-_UiOCCNP9k_GI~2w{c6tZT6b%*Ea*z!Ys?cvZ~V z)jWKdlh%2u$+A}Jml-cD!|}TVS&2A*8d_cCB+*zaaH%^;9@azW%g$3xB&A7%ws3)G zXJ=;!<@NQ~UlUOfN>Y~aRr^6NVWjZv{CrCO@5P(f5dOF>C7FqGslTcoXb|=QHmUZ% zuD^R*gQ7Iw1g+6dXCp+|-_5VS{BlZO@&Z!xxW+9o5t$}9I2R?M01yRYl3%x7Vy0jT z08*F`z!%F>r;e-LoAIQ?3_)a_A^@*IY|4(V#H7VQ81Mlz~$!(qKN zH7p%=qTY*=l^-w;DQKT;oF#a=B@ya8=^FlZO?g2)x#vX3azN+@W{@;5)`X?xg=I4) zNO@g|pJ5C59m%;V=BAYusfBKn^6t0_3?P9LLPAi>`W0QqXuH-&#--YwfQ+_dkL$Q> zweuzJr7GW|j0jAA0~+#c=qNR{0-U&SNL$e0Ui#UX6|;-d2+EVJtn@NL7^dnolM+!8 zy);*}xK%o$=EzgXFOe2k3<3Y|(7Uvv8#iw&*w>@!^axpqD2Oa+q0hYf{g72F-q5u~ zjCdu)LKOx95D#_M2#qSq{(-7R=pO35dC1* zg-y6K0YsO1$%;8m*b~>nz}8E)Vuc6p)C5DCoVO*-Qw=hhumTtfdtb6bt;LJ$OOh7+ zjuny|f8$G1*Pv^?p8qKG1bitzP#GRKtT}g%T-|LPB@Qv9qFM{fRP8rN#{^cm5mljm zUZ(N|l&(w4zLeLxQArB6P%22_Ku{t?$lhVPyM;#AE|>mjWbc?z{81}<$5SKQU}X*q zBDkhfTNA-mE~QAg7l=VMXW3B20_mtxWYD@HV^aeKRA}=$-=pR_7b&}{W*L{u>%m6< zu9q?R%Bt)kSVdyJ4IQ?B$#Tg-E>X9OlAQpJM!+(J=BIsNL|wVx{ON7o{~y9Bo>Tpj2V2qYZYVNC%u;NJb`QrJl1F$^>MB4VL1npi 
zk3g7aB8L1}tyvwf5H2biv2`O7 zB%q(WinXb@&+loGUR?F&k2OWI`gvC} zy44O?IMz6`4=~&~12qBhY976ck%|bm-P93mySNbp@`o#9L>=$ieRyImu}$}3L$ruF zg<;{NEnvh@jS@kcVnzhn826#$9E@=uMYsKo%pS1hX zxiqh|Cvn@A7%>U1eH-Q(!6CG`Kdq5@)lt))#F(>MG~9qK{`mMWXOsW<+i#EmI)(rE&6D3h`KS4x-#&SAeEgR`z4^n<)vLepC;$9QUafBN z|NeRW7xwCJkwl(6`Tf5|b*~}u@w}XfVuDlu9I)ylh?oi5<-F9Flx1R8N`HW@K19S0 zg10t%@Zb`5Z2ZcHi%tm=0+-oK9+|>uo^B>Clx(#Y1uZrt)uyq{0Q?IF0Ap{^Kj>e| zi+!>fS1je#Y5vRLm-4mnVN4y2>aA9|Dp>u;;h!ir9?sAfSB;$%SWO?0Qf)HYbE1&ol&7%GX8Fi zz7bmqf2NxzQl%82XKFZ^In>R{BH;2!Q;LDj^U9o6;|Nq+NPQ8dKQN1C(r@sl>vhHx zfW8M!6_(jdR&4Gk=qTzanGusea*Lc!w-*|{`td&OJcgZHv zkS#n4CLX(iTLm&eCblSdt?QE+n`5L(|8Y^YK(W?&Fe%Ge38^d0;`L+L%u3v;UHR9X zd@s?%+V7W{KPU7_BP~?w^3aT>m>A=f1uUvuo{-rS6C2o17>Z>UE2l^Un2!pkCKv#0 z3b7(Gr)#+sCD<(JnkKyT)GjP&a;shiXB~9!gd|UNT(i4u&D@@HS%_-UFSt?rc9KzP zX19~BR*xk~H#rUG>|#KjF}h+psy zJ`?%E1=^}lsJaJosO)*i(~4$z17PQSNxrzgM6!IbEGPF2T)KFf*SyAblD8vM`%jsK z8>Z9-J~YEaHB7nzz&srY*@!I(Xw-T~cI^Nd=7lYlsH8}+hO4EOzG|)8V}!brHA1-k z8Sg?YIjj_bK7~C-aKEef&kb9xGg`(6aXkLBV=i~xuIfzFJe|-?ZM&-`86J zVBOT^P)%VYC7}&EqXahqTg_OSIwfYnhH{@{8D;f9S3kTsA$-cF=Ks7T4Hc%P50}-`B^c!wKx2@0i)0IfC z*DRUpGCV(_Mod^<76E9jD*@3~JjJ5|eJpYP6uW(BbRqOG}C&UF$SBc&zrE>m%6?;)bz{ zJgG$?Sl9rP&0COwvW*TGLNkGO=;SP6Qqp3B#a(%6f}t^#*56mP0xOzhfv|#MdE_dA zm7-);h+CH1oCI|n-1vk*V!{D%WlZQQ#B2zXENQ-Abq@E6rm#o;WHo@08N;jwohu2O zm#{1|C6HKG*I#oBW{U1*|5?>j$g|#yhYWB~tXN4?TGBxw*>9*VnWaNrV8Wabn7Cw3 zs|koThkO!e!eE_YjsQfdoRYU9(#49A*dQuHAvFXivtL7I$x@P5AdT0|G~^77HpwdK zZqSV0)EWOt9bOA_(Isn!y_Sj~%S&D`189KN!(pPU95;4z%EK0E#j_Wzlyy`l-e-z2 zYUxFrY~ZqkWe8HG+Dg%_7~mpGq3D}%o=3084*b+0)r3rj)avtLgi3lY$ZJ>)SCQ;Qi#iOpH{Xs3r zAN#Im^*Ug~h6F{_r813i#e$xb-!udqEeuiQ^mzDlv}-W zA#gfJ5)sNVG?)WIXdw_R?&%gcy12T8myKSyfd4VKeYAJjv>8+EpoU6s5ZJQN|=^n${SlTXVx$Tt3oK#s_NvYzOzi8oLh$ zbLZX8Mn-k)7dcIuymBA8NwHeljDU(A0cq4m7jE{Om36`XpuToOc)x|#ZIt99pXe-o z>%7r&w+S6an*z<_Bs(p%L2q617gv{>NgwATN4AI0#tCj{N$XT@kc^c+Od@&g4eQ`B z8S#kcsk#r~S_DIetdfL99wluybW0%DSAd?L6)lq`lSGQB?M?{KWl6KFF4C(NkY4_R!y3VLJQO&D7!5BwgZiYnXZ7B+1)sSeV<8$;R)YgSKmTEQ12 
zJEmPd(rT9sl&OP+uQkk1|O+RB!vFhLY?M-)U65SH{}=`-0atw!$q z_Cz|n3zx>3gSb_)^Mn|PS{~CKzQNcL@T38pcRs-6ttfS%0!Y@B46}ifEiH`#@4Tm* zY0gRwL}h#e@631qP|yJSxZAW^<{Ui36%16?4!te~Ua57w2E2bHb%cQWJER&9Vq$h? zr{tQMVma=hn?YdFv=zrrSxI>&>$~)(`~Hq5I^ZrGGOf;i_^Y>W*$lYhmZ>_i)Cqoe zBk}D6(GIIFx9jDcykm*DV+C%2SMS#}mt5rEQl7$uaYAn+pKZr$f(j`C*2lT8+`B3|iI*58U^TO9=S&R={K!eY87dile-jKO zBb25fuf0oM{WA$xg+L+IU594(_0; zWDe|#7B2@&R}JLe(-qC>f=w*hNu6Not>Evr!3@B_xs2!I*LyzR8K|Jv2|*<GG^?_fKbOY5~I~^nkRrS9#dr4dt0yBu_b}g_MUqZ`r54& zkQKOEV>ul-+Y_TkXdiUVC!)!I68vP)9qIZ;?M%TK5i3JUNM{Ed& zY8P)`#*6m*=zte`-Ma=cK#+&&vowGe*c1cn*(JAZ6K^pfI!Q;@lQ(2BJFQUza{$RO z?t8QCrjkb0ICNWIy+d3ZC|DL(P0nptheIz3z>KJA6CXf7BX-U9mi+#`CK$v)gz?{{k`IMG-H_iPIFrrRLr;J&v)w z6gsLYM$OZ;L#Ga`&?pOA4$CN#dpb1%o+&P2cMwBB`k~@MrgfC80^oK7@zp?)jDScn zjrY#-58#p(bMkFmg+zxUUnvP)gM{UxBs@>DDn*|ukVnty!%XQ;8@PVe>|B%4VV#Mw z)`KqW07xCM(XB}wlE9$RNAimp(O?3r<9Q(BTfs->y)X^UTBAu*Y5JDW3PxTmX`Zvp z!5Bu1U2mUhS<+;Q;U1JIPLQ$kNRp)hZ)vjRxkZ1>EmCwKLtrg>nSYG3J+SKPkuJNc zw`X0q6pwvfjrC0k$OI~dwcoD`%4s$LQ-hZ-o{hPMG4lKD`SyL*{=d37jdS^_( z;HAswq{^L)W~>9b6!#<*Q42f|Rsauu{<>d9|7`FKp*w%V!O)N_k|Da%WBxC_6me+<-~kXIZ*=YTd; z9$C$JULzRR3lOqhsdHt_6Oxq(iv_R-qFfTmS5;QhoQX6_4?^4} zYaef3wvd>_6SH8!xNhS&t8+@zQ+xATSUC2cB^pj-omC6o3;y&$OTE`st1Aik)&8Y) zioEZ8MeJ66{nHc!ZaOQkla#Gl9zd)TIr+BUr#K;d&%G{D^~+ZwJ~G9!8aIX$BexV; zDhYdE7S#LkM66aykhS#Ygyw$M6{R{HN*G8#VPQZHF4%u0-7@|4EHr+O(=biS_MqDR zA&P4%r3IS=W~@(^Y(hCWwer0ro4sq~t2XQDw`=BmsfOz5%Z`HEI2wOv^+>%y_+xSX zPrJDOLsvGR10-!+MI8NX%c7xw)IyeHspz+6^jI+Tnbo(c0c$fK(719Q?pEA!ld4FH zD$n~DElM<_C6%lUnd6%BS^bXU9_|^@f5P(oDWL(Dq0v>zu>jSQ5bZjoSUXN8f*c`EuwqsdtPZ2>;!jst8XjR21QVuUr)jK39C(}FS)#pt1z|oTJvcA;l(SWe~r{!y6uD^Lt#HzQDdU-S?y?%u-ZA1a(TN? 
z)vDc1k8ORy)K;jApLqA%MpWcpLuhL~<%X}HlUKQ{3Rc&hkW1Nc{w+6#wQwJ z*cNg!5BZgBi;|{pA$JFUYb%eC)0Ewv%9Ng;Ko?^2QJdqWk~}_tJSEqB#WPxD2zh03 zzsz%flej2sN5B<-_Lv-t0(z9toMg;EXK4JD{cOZ~Gj6i3#)D z6T+Ga?x>w*Dqg;0>)s%VmL!D_x9q>XR6hvGp-Lw$2}Nd-R2lX8jnMi#B`;rHy?gcI z;^x)M=j0Fi3)~f+r{qS|=3icz}BZZxy*TK3po2_za$g6 z4#iefwY7S|%M+CJ@FVKajjwo!LawV49qV+`eMB}}-7{WEu;o<^^bR_o>fiB73L1)Y zVeK?T6j%;US5co%kERewdNe&Uf>_4&W$7iV@20vlZiS-e#+wrIoyocJOKg1ZCh9bB zPV4H79bX9X7O-1YGq<+;AtGt3thxY_aPCh z71mo>T2QYz2uI5~_8UW(vj&$w%w4h0&Aj)>w)m@gyrrSqpLM33KXd`q8sJxhiX!VG zQqmwE=_~EjcIx!qtBaR!UQJi&J}ipm>00pIpE=qp5p7;Ed&m6X)T+`5Lw=db&SNRo zA`^@5^1=fq;&UvNFrgDQ!~3f><#LEdQ!dSf)FZRfe7TH{f&9e>eqf=nJsTna#*E>? zf(m%$(y24GX2ptQ#BxJg^y^5ylH|ip@V-K%J!1W0W`BYCARAO1>B_UYn`>*HZZg4j z!6vr8%A98m@TtvR+wZ&0Yg3Q0%o#f#zMXAap?opW9tLs;QCYKWQCnqvvYe1!})mo-3^qc1%L70ijL}tXG;(= znM}Z>bo{fDnbYhE`7_hs7f@@r;7LjDm%S2M%ql?N%yucH}gs7?9!fl*r90A+qc7B zJ790_UkRDvJdmde&yDr9OYMN?WQ6lo3 zC84sgaZB>|c(%v?p0_NeIMn}L(F~{W?IFy3&FPQtUE?*=(Rvx)T6;+)1JPbI*CQ(n znoG5AO@GOec5)t(<1$%${d)(`fyt`e6<4sIH@FT{oV- zXL62pVL^L?)_5H3$|L2hf%+K8AbY&MzK*VRJ zr&7nbt{+mn=*aE+dh9$dTX~$m(2`rr?DSVC^Im5Afj78uHKs!oE6G47^H7(X$XrAF}qcRuj_myBK`gsP=Vx|jc;hFM;8vI6HGm;s@8LxF; zqHd~tV0w{xV|6z^JF5(gaKf&dP+>(3QFq`2SO%{zslCZ1K0sAg)ahSs)ePQv!5z2;aw8G3Cup7Vk< z3wI?imOtQ%9z#4scbK`ILrW+`dxgzp*P>+0zEFAYft)9q@<2zB23}3CqynWn-{nv` z9I04!rM$8i^p&-~2xZ?t@K#*82ohv@ZB9QQN>UkQ$ugI-qDB5PHTEpweTvD`>)&`Y zh$`+z89_*hKc=XG#C&UWM>OkWzqQZqvS#5;;$`i zeWk+WGp$=MacAZzU_P(%J50gvbDo0Qjw?W`JL5o!QJ>N9vY<2eY-A*%2z}N3Aj^^& z<%%8guFj4#wNMecS23&%=1_s3uaj@XcKE#IC~ zeM)V}VP@PTQAZhO>t0-L`l?Inag(BAE7A!2jWk4^h>(!Z$lQxn@7$Jnxw(b5jy2Ww zeP;^nBqo!3uaF7dRhXZhDL?qp@4gDXN6H592(t(x#T#{Db zJFnn1EOC<3=iG6xt%^^X*3*g5NeP`fZwHhf7M#L>IRw+EmJYXW8e_um?*(##UJrsj zf(_9ea6gj;5N5|m?=dl@Dd=qFNgF8yLzAV9=gsRpLGi2H(oJ*|h=jR{iK*Dy{t5qQ z$VQ6cB8z}55!+4RfI*b)9b>PjS=kPQB~WU{!-D(&YleHbKCIp; zK=vFemfT=3CXw-?Q;jQRUPvVi0{qP@fp(7%5D9Kh@j6=1g$LY!nRNi>z{_%yggj`` zNYZA*47iFQidrxcGjdphWm5!Eqx|$S;;%_e_T16XMsPnT`BA6@9oT>Zn84#+&GPF{ 
z2sWY~5&DT1%_6GMvokHJNE%lX)v=2sO02}S#@#LQsPB!f+I}02e*^g|4AGP*L*B2f zJT?MJqV+)H;%h5Tim-w*BUc~ggM{s&&OR||6|)nOX;6JsIp2H5R5F@jygoarjC z%*j$9R+6`Iz{o%fJlM%N#5PyPZNMS8jF2pOal22SN(xNi^O2Pk0qej=vpC)X&%>k^ z3Y|jH0b03_M!Z#c;o&@s7+?1j%PQ-=%Bsd^1yOzMo4{0|tdy&%HZX_SQVSy<{{^0W zA+UeIfEU-Tx}rFC{7$eV+6!37d)79C!2o4*4IbDt&H9ABl zQrNn~qpnB5ljr(t9TsQ1(8jf8Jx>yetUuhUgqGRi}uTC1qSPx^nnNU@;_JX0A zLB`SyE`Bbe=lY#y<}oZ&kp%!j9Vf4)q?lqPJWRf1H2RY=&rX{ zm|!c~gH{xTg*&=xN3E2PI;@`5%q5IiB5w}4nm(3{(uMljx5CnOYpLl(i5I*4ej;RCP5_sOUUnmxiuG{-~E?UmwwMq7IndaVq@O<$hmsItRrj=rGx-U1{t~G zpC8zf{eo7LySUn;FZ_aaZ}X<1O9mWfWO2`r(Nx#HVxzy}FKzy}hPJHxwN5kDCsK_y zXd|M83%tU2Akbp1Yd5b+8_titxE4;q8qFU?f`wfIMt5^w!!K45vV~E?CRP!nXeDeB zt7v7My!qdGq?u95Hd={WAQ_9w7PrAFA!rFB(lvjxPboW-?$JAeq;PTy+i{8rNI|PL zm=+2Ec)gW&cpa(#y(p?boe_r?(IT{req1zLBS~r!;Ef)ZBT9O9 zHX@lc*D{aZP}=E`>b30or%nVGO{R-~JUSP3zs}iVG6M6Jz_W4`08>&@Gi;^s#MA|D z3$O5-TBbY|{D|UkB5h3@03qq~8;-~RoFD{yEhJ5={j{GinTx&%zU#|aK!I_kcp5%C zfgL&LHuV^J?|V|s$jbPov>|V)5`wckvdrXYU){uLMa{%V=Eg(M5|K2Dz}U%$l{Da3 z!|q0;y3&7C6xP)eB`qk&Tn(Wd>-HKAwW#d{b+rfDr1T@e4%Hr*{7Ob~Xc|QLFi{VJ zLVk6_Hp-&|lo#e%98y2pKkcCRn_IWnM$xQ;)^pN~jgy54Dd@@hjA$O47UQEu@gy>X zxbKa0nzkGlqB5<_A=fp1oNI^Lx8~GHTe<}exU}%@H}uQwdwvi zJ$Yd=VRst7R8}J^gVd&%XMNhqSO_RHCw0<`G!hVXdj#7Jj2LH%IVC$i2Gypgoft@g zgyZ>!*Y>fZ74Z(pCVp~x)EJ=msLYO0p6<@C!#Be6i)h3Qqw9SdD80B7?T*D#?cN5- zH^Zcp-K?wSs*ci`RjiWGlp4mRhRS7liyJuqcc~6 zxx6f6oPth^jWHoeJV^{fo{umERD?QAvh@XsRP~+uYu&KlaR4Xe)p3^Wb#Ecgd7hLO zR6MPB;*$EtTQdV|t53LR<|2skIcGUp^3LAT>kFHkOa-5Iyb^Jn`Lh|VWCHb(r)uI7 z6v@nSi;!Dp1tG(Bck~Z=z`)gN$(~`|Vsv~ak-SYk_E7}ovTgf~axHQt@(j0fT zX3CkF-3uP<1aEI`X0#N16v-Mp2=Rn(pf zoEpG`cScWi#m%+h1q%P2YP=lFipTSwn?_#))|%J|)0s`X#b&G_sF^U2aRwg7cVXOY zL1cpWCNx~9jPTI7drBY)=l}`0xIG{+$lA+2xaB&6jKs!bD*ilyb;bX}z)uY7kKE>i_WNAFb+vbrNDdGOpAr-I>dlS6KcfCYzh|R?H zX|UoB%%OJf$Gsn7y$R+3huTz+@6lAYC{!&d6#M0~rwrJ4qI7Dyu=3={^B5ZsMG2v< zXB@*0N+1)+rQ}UOE5$-$<=f3lc8Ti0qy#NuBg6=`10Z2S4zTs_qiHX2(NzPIr3LY> z_<7abPsCmidSXmF1CPPDvl@+O{@R5zFqI8roRa)Q3aq`E^Cd)WZi^u(PG9DNDs7l4Ix#d5aIDI&|O9%9x+vZyw 
zg)ZNlU{?WK-^b2e0>#3Nt*h(xd=$AxsmIgpweiZ=wS?xsbNgu?T}6TE^l97m_P68^ zI4$ky6Dq0TvYV}9GXMnx$FRY%)R36I_H2`~f5DdEpvb>@vV&QD34yE@9mDTt`LGpw zv1$FvFyj+OkK^!+d7nFh$C(7DY z*4AY1*WJ-UWc^>OKmeHCiZVWk(kqn)Qzn!CyG9XxovW_+7n+@-EnBH&jp3?bwh1_uhmJZWo{;}4xiC0)d(=+m}u zXey;6MR<}ESwZKD8GjY+lfcsBN(5>(I!)4=N8l&5PBkL{*f4Gb zBCbgthpzH0Fyc%9;%c*3KO_nG5 z=Bym5$TGj-N7v1+*syiG+ouGDLfm(vFphv3wGVz|=SGyA2r`#)V^O+(&GAJn2x4@m zv&Xj~**`Dg-Fe2IC$K3h?3>1Y^_+zEBQ03#f~n8iuCjld$^{I(Sc@{a*?z1FD~L@w z!HUb9$e?;5PJ*u6T4MruKMQ+JJjY4hYEq#_ed0@g_}A84m8RsZfBb6e$mR58dR|$k z-1I+u&}ue{zRD;ETgy8?M2j_o2fiHGu9Le_OTaGX{SJ^|y!a6ND~BBTce{IY z6Zxq-9#5ZGrJ~9FE8vp(7LIvMVopTNaf&69cPz`u9#+K&w@oA;L-=8W5`|1M5<{w7 zrKUEs)zG{f3_|2h;ka>uq*ctE>OpG6+#laNX+^wl?&`xc>wj}BSI$G}P}N_Ad#29f z84R0dh5SnwgqYR-;yZlXrudbabc9^6)@Cv|7)eHfK6+*2vE5yj#=Z_dXoJJPMhav6 zwD)kq2V&xdq4OD(9ytzjL%p#Ev0c{0gzq5^ZGa;4;K6??+_Nko<2iRLhsBl$v!!WgWM5q^mS|?)gb15G0)Rl3N~$Q2QJdNX;q}d zryoaH_}xw(ewPh7KkSnS`OvfB@e=|wU6qqXe4SMuxHSUJ1lG=LFI5IeIMO+r1aW58jGMZZ}n6{SmpNDjMaV z90EYx%mc7?BnQJJb$Y$;`xN_T7WtFJ-A3f6!A-Z|a3a%@SVOh`-;SPD%h)jd0 znyIwDZY!rLwzYsRc86Q6tG>=tIO`{Py*7B4l^cf{F{bakr*}sE8u)l#L{59hw3E9i zq}qWyyYLPYW9qA5I`N+o3|Gn*beocEt8SQ0O0+%0PwpJJ>dQ-$dWMhA=*HC5j`{_Yr>TRnm`-{bn3vWuW|P5 zl=zYxxdkSg+<34s{=}LvpH`wU7$Frj)GB99nt}I7K0*{Ib~Ksyp!_FU81_!1G_DsM zD&6+c737vy-yzdijE}fGkZLDhzs5A%vpr&?0PgSgM{v!>MyuaiF|GD)=wrw=7RbE;I=U1?}Nx~dHpMC!9hu9f}xlT(+}h>eR#s=>=aDrmkc zDMg9sO3oB-#sbmCV^ZnKN`tar2}s2FZ88q66Q^!T-W01e8H+sm`pc=$61{~2@k@^} zg7k*tZ02DIg{9bo73&bM*&exdf|QK6DB$>NuFk#A%&gd&l+R+rrA0o&29b`KtS3bF zAh=k;pFuB`U|L723Mf*?{#t{aETESiH*l|!HMY6I+4c_6bdUq@dIJb(3So*wwuPaH zEL72^p->HUa0tl~%oL0n7@yvQ1WlE#x{PKBio#0qirmEj@vmt}+n1Y0l|`2>bs^R) z(S%%&NglAc46!vU;R(IQ%P^m4Yq`7q0&EM0Omb)5-NnTXcM~kF}YF3HFL-K;?rFA2`<$N#S zC*{8?i&?nIw&EY@<;JTA=e}7+a9L_H2KB$$c5<=lFMc>IVFRRzsP1Gh3AiY%E81N) zHv4-_u*ddbc$<5CP`!rkctDGooY1?2#C3I^f^O$(x4O#M*J7}@+jW2D`VR9C^p9k}#T4vdO%+N!NcGyraU>B^+V^zlE%7D{RaQ#UT2R8})lV8gi`tMyXFhU%vat?Duh;c}tL 
zL4pNNY)I5RMB`ZCTV>AJQF3d@;z^D2R%$dFah7-oDX6B^b&akS&LkW=NxTm<>P=c4#ct-}R(=`RVUc9Xn?G4NNh8L9lZ zRN~sM@9J1J(O$Cn!i9Ia8Y}$Rh}~KAE#!PM)OGCILQYQ?@3AlNzQaNB_ylxL-O;bi zK;42h^r=YrdA}9U<5iJPZKgP}R4TrUo6st5{oD(!Z4~xC`ulrbna?fv&Gq@ZoqqqO z&3yiyD%0ox`ujO$J~x}o_jS3kM98Wy-KzwoXgsdiqi%^*@;4DB16IP#Y)_D&Wi<822Z8z@f@VC^K-8WXQ~H#NZ%~}&I6B+oSsS}N|pONjNmAE zICot1d7T{UFYYKu?lX?W0%TU5PNTu6N;Fb^s5uEmV8`d<&c@51m&?EC@U0b@NUB?t zm()GkD88vGxUJ|C`P}`NMhP3o(%)x0px^K!Wq*C&Xoj_8q9~NV>=_f$FO= zxR9syTf*9c>6fDlI)n8k=G%+{Dgd^+r(-!I^Wd#$+U%hJM+9O2%roY-5ThBgRE34? zPw35Tf>fgkHTE9)uk*6K^Yh@s_2_K1NBu?L3!|9X$3hCoRAKr6uG+rRPB^5ggU5`2 zh1Tb*L=G$imfZ7g`TJu3CRIMa>zt?qmWq z2FP_^7Jug8{3EvLrZp912A z;JL_-6rwtjN>w1cX+VPF#N;WF?S>kw=cX9rjO@|P3P8;Z*)#vv_dfv)G7zJd=7PBF zOXR7W`5X^&!m{q;i?N_jH&GW$=E@*FrOb|NhT-?va*ukyq|P28txDmP-b4bq9XWvx z=He-!3mj-Y~& zJUrJ7vA{E{{(Y=}%<0KsWP}V{@rRLrQFTwLzghYHK?{a0j~A))uCBCwW^aW$H(cnL-PhBggL9n7i;VDQk#5=X zbdm6EqWtCBC;iUB>?t|LvG*Jw=frs=(Er?PX1D?%nc_GJMKuD31YuOnKT>*)N*c0V zVapBZ#BWZ4d~2m1bN9=|%K8NH%KWk^7X~+ho2IWjFOlG?)>dK_eoO(y>;x&o52b_v zRnTc${~2tBd|n!uI)k{}mdiXS$9P9b6xA5i$qDWDcXC{L#G$S`+gFRei{1Z-Z0;a- zPB=P^Y)9H)O(vBDOEs2?T8jSDid$bn^lDk*ufkCX)B&81Qu9XHsi#{WK@@!}Z&$`1 z>Y2P3?&2`8RHYLg_(8mF=yKR2SWH=2p3b=c7as|!>>`j=1o&WQ<9&!2T0nS{p7nGR z|D-_L5{FalI#<-735UoD2cLRSuk0)AGW`Xi-?R5QVn)LwgJI@EVCG#bBvUFxA%7sK z*yGcyu^8sQJo~a;tyvU{{}#Fsi27ZeW?y~`2{j0*iUl*%z@*_o^*lt8TX9QOiaW9s z*UK1pv;)!8j0Sfg2MX-nwYxjy-p0(*D*wl}vYC7*@FN!shS=llpYu|R50q(bMe<8w zc-@TmQf)w>yTf3#Z9{5iH@Cru6qBxCM=z)9(a4eI(MZ$YXAHXhZ5!VCVFd}bP}eiC zBkod4!j%Db$LzRkr`W#<=bU;Q2&b!jW({NW4@ML!}4JQ5itUF_(uNx7b@{Q`-JJyxYTW*erB2Zsc z1})E}u%Tza2v{QOZ6(i{C%lu*2TnK5uvVCg5T&>7XSo2DvePH+38u9CxN8bYbP3Hh zggYy2Kp-K7GI0njpVB3XX<+GtimTL@apFCvG@In89KZTcm!8r_lpq45IMLMb7kBD| zP|jkx=6ma#9ITv9n6kBg24vEC4$&viVKl$bPcBO6`OPnH)j`n@kISCPzdDy>LK(cA zOVvCqyb1IvdrX3;Ir`=Am~I-90QY*BOWe?44lJhJXKb{4nc_$%ljFX~kC7BoV!5LF z@9Di1fV%kufH3`{Ht&p0%&h{SY`Gn+rEXY6WhVW4)s(;1x5%oP8C%>WAp&z|dX?1& znslVrQnQiBPwso~euFkC`>2dk?I{9pK@k^8U{W;!q 
zdm1|c=`pTH^z04a60+ZJLuiH$=IGQjhd2l0vz9coq2p;0@aQ#IEQUVQ*)sK&4#+ome0&&3R3*-2XUnsh0 z7`CJdnaEq{@Q=4{H@IC;uC2ZF*D9C&zI4IA(8H0HY|(2XDlk}(mn6HH`7wNu^Dj;9 z*FpQ}`jPBS=lh!6%SvBFW@Kh1ye-V_G_B5ITk$=XKM-FO3dZxq^fi$@aU%Vc`V9U| zm^{haSFVq1Qy$!m8_@kBd&N+Q!XSx{!l0awO8=9O&iLcz9(pdyXa3^5-*H=%8^uCW zBcf&c)selP*@oN;=otTRm8!-HUsD#xC=fUd^%fA9=-P*kEMyh8`PaRUU0(@k>^nvP zwwLci0Vjc;e6}bdgwXxjOH)qHH^HK<1*t(QT?VV?!Sgkf6y%R&8QNm>hOj^B{-oVm zG!vjSb85U!NMf+XB0U)6YHUsCNJMb#KClaJLFS^X209cC2Lsb2X+Bf&+4dMDQ*2@l z{+y2uDx0B^c5VA$oxB@Yajy|XB*WM&Q~!S%6v zynZ$00EEt68eHx*B|-bG3MF)rQ1dE;Y!q#YWzpecg161cOUj!id*$d7L^|JM9i^kw z*WOKnshpX@vkIO_hOPfI_5Mv7zz@nGzP_ zHkwEE1GB+9a}I>DmTtM|nZ) z#yW<-pJIy4jblTdg}`@OK^9RA;Y?l8+{bZKdo%6Tr_64#;3LIa+|ms`DCZcTrE zK46*eMB6I4|Xpo-w-taiHF2Spi%yUlWcwes1CV=R|-qu6T z(*=I=vjIIXaP(LMX0e!lU_1;*|McagBUX4%w)ssjrO=#2c-4vGjvUsck#_2qzpe@Y zcF0M8i?Vwwazj6`gKU=#nKI_&B4)xBA|`{aG3P)wx#Bil7)kkatP1&`#4bR~+-cvX zd)Y@%c8{zR2BT(pth#p*na^ca)mWz9k$SX>1ThAFg+`dejE^a4NZXhWG77tD@PhRsk!6IFfi6!P;eJb zigrFm24mZug{qXQEhdm#>LcML+TyV8jAw5?>`M|)DQT6^$@|B3*%bx@=sont%D-sL z#KjkHtqv9ekNS>K8fyGL8+2;?s)0j&KQ*U)Ra|_9USOf}zeM11BA25DFOkW{JQ{Y{ zMx!|4e)o2KlU+=Mzw6#@#?`ibP+@Q?QH8@ zob9~&$M+EGAVI_L>-9SkOW_SwKVqH)hFsoo{%`{cUBVc7b`3!ru7vnQaxM}64<4BTC2PLEQOZ|#d$zL$DG-Z{TnVwb?V;C2}7RnpzC@P0Ngf~_{R`Wak3FB%kbNiilo+Iu{ z+v~+w>64Ra86k@>aWi0bm&5IV2KA{>_=hYKCk`A@#qaGp{Tj2|XAon!)YZb$xn{Vq(znVHL=yg?Vo=-j zYe_Y-ul8ZKUf5|{(orWL3*i_{Mudpdd|;&vX}fI&>Wygo030S4#(UW_^%dHURQkGF z@wyQ{BKt$D4@I^YiIltRMj(PNxfT(Q*zy zOyYryfmvw0t0K>Z3R-(ZPF613yNvWBEcLb%{;s$x+W897nVuhN_T`zK48iKP{DpQt zRf*hAHnlJxy43H@#wO1vmBvzWa;aG206)o<&`d^--6aM0FZO>jfAsmiO22)+pPHCo z_RP)C%=P^oeZM!}(&ln=czxbin#%Nj-Q2!c(9QL|e}RNmVEO+8NFb~F1rpG^b<~=q z8imXmWRM%25{1Y^1Kj@?N%))G176d3l_9BAZ1br+&0&vB6WQBpyVdGj_q+V>Jv#BC zZ+%9>{c%`PR@O=F%yq zo}gy8u`QBpQh6X<4Y-rO3~?P$Zr?;$5e-UWz&DjG5lj?C90-R|u@HXWZya)9s9cOm z+T!;y_BcEG*w%JN52CU;uWtQNtX!BmTE)Sp1d`jo!HHL5BT3J4u#!ET75_Tiv>j}0 z_;u(||M*)OP`(jR48L2KE1IHTlD8%UT_YO{bspWU0mPUSE@ThuM~c6su*Vx)H2kQD 
z69u3`kSYL~HHA0Yb~sgaw~bI+Q0MQVE(2ewTAABAd;8^lHiW!Y&wo`CtXb%6_)_WG zaJqh18*}_k(@7F8JQ;mGbr|XdF;PW?RFBdb|JZ8mXJb!Ua@g4Eudf?JVA4QplfwS5FG;ZN<{?;V1dr_#A9g zo1wMW-eU=Epl-@1VkVo1R>bpOG=KU88{4E}luj62BOGu2sKZ5e-SZ!!RZLdFz$<)8 z8`cPG2DN~BcdHN-@k{);mZ<+wt`xe!zo$k!mu`THH+7E(nL{2>N6JV zbo#x{tZ%=eWy^UMN3mnh3&}iYT~M%4ssHq9h~0g9g|jwNH7IpE0*B-&UzRVH7HBGN zWbznQcX8>DmCY0~z^4^mX6!oh-c{w_zMFRq^5(bK>E@{OEw{%-6?Dz^4nX)^uj#-fkv8`(w@i)7)Asqh92`yfZL{TB4*+v zh9w5D=FK(cLBPs>*wD9Dw0mMi9T%k7$<jvTGWFc;#=mdP4nx3JvW#9~a-c}BSsR>&lIE*o?c*Jg(Iqld| z^vm1;NE11Tlx+Io(rAU|uSgKfZ9F@bQAm2H#GCceAYZ1$K zC;h_aE^FyaR6@DLQ*6Vr%HrR3VYlh}07xy*oRf3Na0{_pZ+U~Lv>(*7zkFkXwUcRu+yz_p?he3NE)bG7Xt(>NYyk6&N>lhzjRtle0ixY_L&&2C5;Yv-oouI=BxT90f~`L8b%`1%h?r-vW_5TajCPtlvWt0|gxf zM{oh7-i2`RZ@!_6^He|~Aw5raGMONFrZ|d6g3|ZlN;pi(IYN^UDNmEk1`UOeA)p_?_}}%%`_&6$XcZ5C zmkbMmARMBFimcAa-;BmO002CRy7MCtG|a3ANV%igJJZBo9ra)oRs`5Vkm=jx7W`Wa zcv#&i*9djh-cBwLRWxzUmDJI+vwIRzW^p9msWB@J6#C=3O($KylD?sYK?IH+0FT{J zENG@BCfjo8KH}hDm}yi5p8Mgb&H5mo|G+1bN=T5m>-O%|^{@#VP2;S(5PT~|k%{kz zJRL_ig@LXDf>`c=D-xQ@7>0)R7`p(hItgt+^O4 zqeI}08y-&adI&k7j6S;brpn@bEk8buLV@n@fgAl~(gF{%?y>KQuLeDcFLkDjTLWKY z{Pr0GQ-G|=`eB_1zu001L658R^5H3Bu*=*K!@Er;glhX1INl;0V6}6+dexO#?8AtqB1rt zMh`egBI}r-FTU`W82=GzxrZfPOhro$Q<{pNz#za&KlBMmdB0WtFMEgl<|g#AK;&8% z><7~lOgg105%#Z=;}lqRV|QO!u4=cX)}I;ME#BlVvkttw613F!;8|DEqk1UD8z%B0 z+TKdJwGyqkt<}@jB^2?iKV@NB+?UdZ72V+#{x}5wLTb>AZz(6X@9cYjkGyu31t7%# z;oWXQlo$PI>>XCzKFxWj;dG2IIMjPN3-ZidAbO%%JdUGV$Oh4n6ueC#N>9<9Xg(40 z#wU*s8{dz^CvxS+oVFqFbT3pisE@$ZiF2~9dwLqVzK%i_p92SYH<}bl@F#C&GZxm^LL0^G$Ks_>MyD10PZF{t^2nX@RMwn}OrG ze%O6ot!fS*ZNuiWKCL!~vJ0x59Tl-0*YuU&7dhNgb&Kcks;;{WzCj%Dh2}Kmf2qI|$HkPjhxC4D?GY0R|2z9Z1CXd-RB^L*RJeY|$;y2OcCA z7zD$(U`VY}($H?f78o>7qun}jpZ)QWrUAL7Ee&D{CWg3Q_m&qJc948cxAs#GTHrJhsg*pW)m5l zC`8sgh_Wf^o<)?tj`$lsiI}W7j>0FF^%a)^9*M&#tk{e=UJV38cc;QQPE=`)mmVo% zTz7gzQlM0JVRJp(IEAyFxOJm+HW<$BA}iiZI!+|(y47fg#EFssO=kBr(@4Smj^8dV zLbfe4`$??$&#?J*oyA&ut#gnQ`x=fw`S!wwB(?>c@Bq^bcE{;MzU0>VL*^3{443FT 
zRGFXPw3ebjfkl5DWbK~<#c~bbFQ$Un2o#qX*5D+AP77w4b?4D1*~Lvs zcWqD(PbXyFW<7pw(Lc3w$_>3(r$3-I9vu8JqJL_97<;jy|83`y8TqW8S+@TieW#7= zZ5D;8%>bAHV8Gf4YECP$FLs|H#u&oOTe1@Q7)U)}UUTBEEgAbU%Kb)UGv6pMVOBGo z4qL>cjP%b_`*ADxB?zq*8IDl|on13PL6X8AZaxPbl&5?2_6pb(V6mLS>fGDRBqStPS*hYw$vZxn`hv&-VCz?a_l8Yp$fn=vRwYkgW{i6ah_%j_b)f)wd zRdyE#hJ_!70Lp>}48tc)qKaAG^6?5%*Mi+60co5cjwZO+%5BG_PQ1Z!ZG4V)&ZD#QaXQVnc&gkSt9Eb)VF`d`3h) zbdw$26=!K>WmP$Kr22mJ@v%Mr+G$;wcm3qUtGM*&{Kad@#GEws=+n_FF*P-D|G{Zl zc|^hSWzyBs`*ezo^A zc*$r*Q|s;YTZybMKnbMXkHU#MR&Y#t6;P(jP5V6@#zy~yl4KPEFLXgb&(yk8WG-IO zx)q)2om_Kx#kIh<#;SU1&4L?qR)VUuzuV-a{3(`ANP+*aHyqmWE@^9E)7%wpa(zD% zgEmy$|52t0S+&CL6Q;B??P^C9`P)jwSG-g%2U9(jOZ~LwH72_ooyVpou$DjCAcZl5 z1S>$s0atL>TT_3g=eD?K3(s{!%)AFS08KZ#*OsKT)WrJX$8F`%l^XK#?{!LP$WeL3 zS8jLA*ORJ;nD^Y5fzSA%)|8K9PhC!BaE)E$+rh>oUH!w#-Uvj zZ8(Xgv{X&&_(um;9VDM2WiCGlZycv&b>Th^3X+S0M*;D%CLg}+x5oMUo_g)utu5-} zb7$xPa6W72U$F+cg|)@E4zHVT_hEz!|DrmFsX~7hA$n+Wq@qc{~#(q!k z6*Ucg@fD)9$M3~m36E|UKn+-T$FPz({jBUlQXKsR^Jr{lt0YS))ZWO6r!H%0`gInE zvmDZkoV;MGm3?4xyALc73vcFH4paojZ2`-2^sk-LF$}y=e?1%7w%e9rET)*+(7G&( zvU{(k%o9{FeMry}rtQ3`bp{vdALRdAK3v4O4jJBLTB)V@mD zN_QmvF%~bZPLePJ0B)D;d(Fx}BjFh!<^=%!xDCjAJCJ>5qFi-!XD3S(s%JFsYQC{cpBeh9_pz!^w*hz=R*P<8HNttVarMlR}6N~@SjDk0#cLN$fYUG6jx(XBxGBB z3g~sbGI0u52Do7;Yn5I1)4m57Ou|12hACwhWE)Sgf~6^ncEDW1s1OQA6>`_E!`ktM z7_U)ERJSVhTj}n7&inVRmd)b}_v!J#XGvvy&hDl;#D(swDFHPbm8y_4pBb6t40&O5 z0!1vMfKvYZF=z~SD6wh~ID7X>g@e(+0Kp1Y(KZtLr!fMrI&!94$7ZG_5Ui_2W80Wd zJcZE4d&HRNJTjY~#sWCl!^XnpfmgYMH=#0*s}!tlI#%h`(BHUsdOBFs$iaVHA_}`{ z|HxG_=NP*v!!>tXd03-4@=`n%r#%5H+G|a1CQ7^p3kX3O-?@$g-5?HIQ?srL(b4Aw zr3BZv(f;=seG9XmqSLfJ_@m7j;H*EcYGni>@AjRBs*p(w=FOwW(7px0CJMBzfO}Y?;yZ!_LD?NyEN)kE zZtsjUjRW#_9!(feB|8@FonU$HC%SIiY*CCWfw(HDx-*?3TfmZ|pmos9#rg$gGrpLc+>9{^atE|l{{?_O>|k!6+O;$G1^o`L!kbVJ?^ zSVe<2x$9s0`@|_PPfeo`s5zy~muD?#469YhsQ_Zc>GacjFok{Rml2^DnnDGh4^X!loF_D52hNZFFq;D;!xM)j`6s)3e2$2@3Zhx!A#AiR~P^Gyf&R@41qh3Ej0 zN2NrM`4A`;<=kZvFq$Db3W^MH-ZsRIVr7@3E{HPx3b$GY$V7UifIs65zthSF_QheN 
z4BpoxxXDoT7HA6pe*jNFu)jrefGDQ<|De1nhH0JxIED!U(>Kj>Mtnxxq}J?kSZFv9VC2mGCe=TOI(3b& zMrhK!Zz;=Zv#Ka1((t^Vx&sd{IOln%D~uu)mJU(Dyllpmyr`QMRo~gwStiFwMBK}YM5o~7C-__F_!`6! znqWb(I$d^NGwNBL?;-*e-^sl5%ze55)5-kM(L8mToN)k-4Fe^8p&>`{$R1_n{#UHu zWq!8h!yl8?vg=X?l=JT8m0@LaL1kvK>NLHZ9o%v_T_dNIhSW+`+MXJU>C9u3k%$?( zwK{n+exF+PI)cMkq-Ix>eJ>;H z8sx5lHj#cL7X_o?v3!mnIz5I3e5VYELTHQ$MXM`st1Pl&Se9eBWVG${_!xNPeooaM zYq)_VUJNrmtb*tO0xBCLECJ^*hKMVZctU|F<)SVUD-|s?%Z*Zycw#846*)HQhKknK zh^olul73pxI+HeRHpJTWid{FBc(cLfCYwI&c3LGXjV``nLg;3_xK~7Tg)r_fZPaT2 zz}hQ)or+Z$alOr)g?cNP;`O;+oXeHG&I(#Bwx6`R+7&zeifCQ{i5nAQg3h$C@tY6t zwze=>R`fVQ6C$Q97tzp+m~mJ_5WzE6pt~XXZR#kdFZciV@6{gKxKBcq1Nkytb+AV9 zj=bqIt1l7Lgm22YGXdG~gUKyRR9;$X{YIUlzDnYy(*~6zY15AXk4N=XVjdYs|1@^~ zvUT`RH5A#Sl`!tWt_Q+nt40b0k8JbSSRlsN+ii(rfkIB6_cFc`9m?iBkL~#=bxHB(L{OJamUgsy48gc&o~DE%o`v#W{VQRToby> zV-t?Iroxm*T^M64azQ(BY*f&T#EL4ej1^^qAnf76@8=EKioH}Q^S?dD3;*dav=H~xRQq3!!65hyG2t6P2uz6IU*Ne03^RH zLQWC2tvoP+%i_V~sE|x37`~MtJ3-B1A`8Bvw~{IN5WxY)uU|F>WtIf!gyy4h?H}Uc zXHOHY`aMSu7J`Ut#(HR=kNv>lY;|bRZ#7Q((~p4{$!aW0!vOZ-TR&#^j7SbXB)d5S{9M571AqL& z**!)+xK-5G8br<<|HSRS|D%g{)rKjsbaa5Jq;Hh_&7r6d{$=F)HUgtv2mUa?ASGjpAx`rAHP zO9(Ye2^%gO8EqW=DpEU2F{6`ci$}rgU*=Aw8igUPxNBQ@>o~OqfKimmG%(RR9+{_& z{;_8ET$b}^kB@@Yxgi`mEhRI4%x42r7Dp zYy5dBgnfVaaThR1CwDJ6X?@wz zkkSq}akxH!aJ}7%D9ONY3RVJ$7|8%`sH7;#fH?Ggcx?Vwcq~I9@h~#x0^&C@&H|#S zb1)(<;rf5qz{URm$u`RY;Ti}d;rypA|F0*vt^e!GqFSEv|Jv2AML`YEX9Yt5oy<<$~0%Qc$^5S8qQ zQE(VRfo+CSa1v-P*@!fv#nFfpN5YL6i8S7~!i^E#y@easE&rny_C%%suY{FxNmRyq zdHDar^q!~;&Ha0MgiXtTpZS-~5Gpo3&=#8!RP29}dfPm-()_bH7NtO`-gP{2v3hU` z4GE7@=MGR>0{xNhKHfTC7wlcFg={+Yg(3A!Rj9KMH4mr&kwk4&!;wkSs$$MlCtU`T z-7%;O!JT_vuH3Xa5oZdQK*MFURX6EASP>~bR#0tH;)r$1RXw6KH6({|o^F7!JACtO z&fwY)`0DuG_V(58^RpQV*Rlw0Z5<-N^0gT+9BRlno&*}Xm-5o%MiR&wRDM5iw_o*! 
zvoSY4cl!ErW|=BSN~mA>%QztGJD@jOqL;|I0pk*5B(vw;1g4(f+%Ur#HHiVm)U@o- zmUJ5q=~R?zp2U`pNy%Y^3C*O~9!8eKL%^E$1ksL~h6=)sD-l>^w^XhYgl~4zV;R(p ze+)*!m03w;p{uk}l8iXT9~E1E_wsSOi>Os*ezQ=iX-bcx0w4$4Jmgc2+EZs`Wi7T0 zCx~LPb6>0wHrS-40|+b6dPlqRi8_=; zutcLYB_VC+h_k`t>hrC5_y+j5ci;*l2LpuB*O>*anxE(MBhJ&C$Obq6K=H~mUc-5O!{0{M*z3N*ns9#3B{!fQ<||E2!-56<|th73;lP zpxdYk9s5t}NISYz71C`I=~jcb&=rJg9_ECa!V%ESX_m1;?y}KX_C^=RL!$YApxd@{ z`XW@S+A6K@1MWlRC5${~jX2wNtvtbRM*U&~%iHoTrlmc}aOVVt1KKo#qcWxWqYR|E zNq%^IKkn}DKT98eKkpw4ujf;jPclbNoA2Eg-m}B)Q&nF9JZ@N>`ees4P+}i3s zRUe;$`^3Ic|A1_3O^8ASjDGhYhck~aC>s7kLOOt^qTQs@YjDjXzuaa}^lXfZiL2<= zHvr({hY#eLSt6+#U~UL zH3Ss(nL~20U`4MnD&$?0J1i_rI8iSeL_wpeSPZjpwn@0kmXOfl}qN{bkqg}rjoqi=+*+X&v$tm#y zL}HTej2Z2tZt)GL>Yv_{cM_{vdm)Z&0BiSH^)f1&<+Coik{*CXK9ggg+Yf+}1g41)IZdge zPGPLz4wwp+WuW2A3F#S&d)3U&(P6nA1%5%HY0+F5!GogFQ_qC1FSxx`F(%HF7-+5; z`45U=YGKk`Fj&dvSqZk#Iq?KnUTf0QvB**DrWlv7!F+)TNh(gd0C94WpP9u%nR82K zD6O|wNAYZwNzHh#1Ong0oU3d{i0h=2F+M^8%nhC7YI&8dBPkc2p-d)N48Ly`n_a9NMp%P_b5r$%5~tTZ@wFE?<)hT zBZ&9(SS`|$tiHl0<9yYRBh6a(BoTaV^?_b zsMZX4(>9!14q>?*PQduL2CF#1Le>MPTv8R)D<5BHSCgbFkxbR3IQ%F84pAYR^j;&{ z04G5mJB}DTjL_Ky@0bx-UD|&-=ppH!t0W*t*8H)~6i+I2s_GBpZPJe~! z#@_plc;N7x)Jo!wZDE{Q;WR8h_>L+NCMFc{xj{ZgxG{}(U<|>Hn!g?D>t7D-BI1hFFbDM<1%6egjOfK+{ z1~M^s?&F-~gG^2m;Dk&@-pBx%l*>CEhDaXxP8yrw=@1GP0y&JCVD=b?Ny3`= zM4 z>qDW2-uk);+~Vib@0=Wpjd#XOfzYZ(|6+W>)nb?KR3h^}SjX%lFyqv5BQVWU z|BbN}ZSQG1ak80ZHxVIglMT5!~Wx+b{{PWwlBqOJMqE14uSRI5Lh zSt<_V-;QNT!{4qC21zzHoO4U|v&KZdW32cHxHg$s*|&;+WB2z1_*Krf8dz!hj%#lq zI5tf(Cc;{D1Xaqn8*-QSn%~%a4&=9tk5;a{ookO}z}Q4$lTLzZG?r^fXNPk%c&jKa+jxl?~BII%^`Hfxt} zL8vs98snUysx#GLU_8P0oGAr5KwxO!4ZWz2r`={kK5C6YkgOAgAUzlmXnVt{Sk0A) zD-Zyym_Ve@?l!!m3?*92d1EuOyR^VbnF1tIiv`O@P#Vcgj&J$=!|-%wQL9d7F}WP3 zA@{ot-c%rX*>OrKRsLB|a95k5$m7z$?)%eD<_e8E)he6{rr6u50+2HfB)p2fht65n z9SEH8&`Cpp1m4)*I!m5^5^Zg=5h4+RYUGn=Qp<~!48`=68o59%2upH`naey*A74T! 
zh?QGE^6PNR+hEgsyQL?1XByV?ayaDP+DO8VGIZAUbi}X|pyjGNJ_}Yys1si4qP;X1 zgxo^c(9=ddA&t=z^6pz)2rDc)x=R1h=l-;K%Z20A?<#9sFEf&Ge6zZD2I#V4slnd$2e4vw~0+mQ(5@v;HM!sM+*za9+5 z-CKeim%70!WhOI2S)uGm7rFS3z#Ns-LqJ=CES|Us>Om>Ry*0-dgh`Q_8c`I8r^fe` zjRxsRuT7o7kTX9x*VAAvY!_0{HV3I!59;x#aa2Y=R79KHEF?G>+%(m05NUcWfjk+Q zz3JA}+~Ck7a4-!87PES3lhwi2m60NP(7tA=YG1TYyC&Lox&r-JxY^byPCF8#;sCp% z_KA_P%Tp3Mi*5FT(bDQc^pqXxEW2}&u4eA~&Ary)AzRhep1#zvTTgSPqz$|?YUGpz zwn^I6FpT@TbQw)N4C+A*YtTkRNqbjW4nJL?hkQi_fBbxN^5vJ^$L-~XSq#>b53EcS ziuG)yNS^|s6r`K)^WWo<2!Bd=A=ppRO##xwaz6SqUkZj8>?eBBKT=VJAl>jjUaEm% z7nBh9o8^g7g^JZ(*818*8L(v>zZ<)`9o2l+Q6+~TS`}eNblO5jb_c(HzHH-u6!7I+ z5qBa7w(|tEt;zK zl%~e6+1B04&7kz07EaA2TL+qQU&7XunQCP7aem&!fOaKhfX{mC;hCS=%8yZiLCz5MGbA(0Ygwzq`D%g?%lF(YW+EP zE@ydUBLDq4Wx}PiT~ExQHBRQ`OKfN_1k)S-fgomL{7QP}PUDQ<-~IhMKmMOFKYX0; zcS5kStFwT~qKpnu5ULQ`VCf7}ct(Z;KytAh{R$fQWOE^z3Uus>nGKH@Gs2~&CyMr% zFBkuo#08L^QUo`S#M=ofSCWnT?7=ZLG{D)4jp1BL8Cw+gP{??=jL8~frlztcG@9Bx zSc;t)D-s3GkAYnSNP@(P8T^J`xSWVYr=O6N3l6D*(=FE8Yhr0P7!^&CyF+@>tZG>U zlWw)QQUyFkmEbvQ5k_?ak=7al^Tdbjpx2zwPTNeJ!?dVk3ZvMLE^f09<*kgrBvkBF zEfxLR7-i=f(-mk#K(#mG^HqYkgD_{@!*7Jynp7KJ6SIq;rBX{VL#q74m7@!hjru_! zd4&0tS|gD{DqK7i5eFO8NZGu%U)DsNlJ86_%#ct-TK_BRUd;PnX5z>XHwc?-1OE`3 z7?n#k#gpZBC-jc*-VA$}Q&;z)CUOOTtQkAM_wS=_TWzoRAt1i*-}9-WxZk+BxL7#& zzQ3=mI=VSIzhg1{K6De`5I-ND@7$bU49Mg2^QnT=_7|5k)A5%R^mDqilb$nJR)^~L z4dVPy4Ao=s=L>tHXa^sPm>wMk$jLU*%5EW*gsZDGD4C?F;bd!rp}9c##Z+r6bylH;y|lXx@S46uB}uZh_k@ z@NQl1UpmJ`lVE6)bbxhkSrj2m+(SuFgEgU9fpJc|uZVmE9+l9jmq2ebKe64D?0N0@ z?r9i$utGJe4%i(SjR}YqO|tAyf9QA8qRsb

x=tOK?q!)cWLzVA}CEG}E3`^^r?u zZDMQ5MWmfI>-%ZtJL>^onztGep|fUlcZUEk)yWD}xX@S|>eG*0->pexL=?+c4nLbH z8>esZ#{_AQ8s4?C>^03J;qXM(06u5FtD>`B^vIfbfojAJ=tP_3wIlg?uMxta;XtZ% z0BWKliSc_=iFzaImZ`c0hlhb8LU|~BIUKr9=YR+%mfAfG6MKjUcZush-$xH|sFR%y z4fhvJCPsxRq7`%J8f4^HKuLa8!BHqr=Js03lsPRz?B3R|^aiU`&V&Gc^kQ%ET9(DF z>*_^PMiWDNU$kNguRd7<1tD&4;=0N`E3{!Bj0KMjlQX6x zi8_Vi9<6v+u}G#Valkm*ac;olQ{{-TEidA=JAlNJ$oIFLHi9GSRO_VQO(2`uO#R9D ziYId(-A`}Xo&=LrxGPj`gb`=L5HMu(n8Fov`LIP|Oxjw!>x7KTYSQJ z(^L~0Ql2>tOVlcBsdFezDG?PxU@_}LjKY4*$1zw`i%}E}gF3o_}B&R zarAc_eY9)J-wX#pv4s+IVT~Q_v=%f=0wC^)m}2dQVeyt2%PYyscMY5*+@i$A_@SVq zpdwyixn#&Z{ZWp1vOHT=TK`iIz?%Sd$M{)@HZvZm(h~7X6kkwnys2n&iReO=SZZ%* zi_J>mK}^t}`~9PVXoe)51Z+w;7@D&{ZNpFZm&O{J2>k{$#jX~SQDoaj+IdDIsUS*^ z<#rw%N6)F4sPKqDDz#%ueWXPeLDq?PR_StR{}5qgzz!dvmUKc<=I8dsH*Ml2$8fOjdHV3kar0 zI9PNJ!YH7G-ZqC_b*4#viOy?!4)(Go*iJRqx`hXP1xn_JAW;1{_Dy#+Y{;(C&9>1v z?_@t)n3FL7wDS7V*+=VI%h;+!U~#@>-y*Bz1TBSegOoA7g#+26pd8UKE*Il^$~E#5 zI3Lwg-EocxlR2q(w11vT8RYG}FMO|cX09N9ze{<)_hq1POG1T#**V?39~XyP=<$Xq zO;vBP@__^g4?REh`wgZcL}NWUP?*>frX``Sy@?`M;G<{nqEEmwQ(Jd21aM@ObjFUX zioR7>oV4R7QBJ}7BByP4bXV)M`=9bt;(A^sZ&qeZ^@lI0)Y2&lEyWWnuqu?V6ztv; z%y^SUMCoRA7$CV&8|4}iXVpxqg}LXW2!sNY)Mtcx3b_F@Whm;0@hCulGWdEX+gP@=+DoHmOJK=^@l4w7geWO^HuouR&jt zxqZ~q_lm(iYbn=mIO&h!0 z=_Vcc{3p2lbdLBkcK>5%>jt-bSiN$h?jIXj%?nzIC!d|CRjXOI23b2dSl|xeVq6s? 
z;dXMh5x9%K!GptzZPWP#0r$}s|JJkVuui8@Xt^MUVFaN!uJY#KHlg{5X_n&)wQ(%g zVUlc*Xq8~QiDC3+H;&tGU=1Y=G1oF4n#BmlG77Wa!Wg2)YW;V+iEcDpO!#HgZNs<- z!W4KlVv(X?yz%iv#~yhRGYvMUe&yYB5O`){yP&dFG+akbURY}^P9Qpz$bex+gOJNa z(JbOIs+bnkSgLei8(VmJ~4KR{L!;B}|Cbh;Gm`KXpOlZv=TL+2koS~79W;pUX8^qmW zxSSlBz{(0QxNIam(^@eEfv}`Sy#o_)IZ9?2C{tq}s-7QB1k{@Zl`Kmrpa@ul2%v{ft&H zXqS-8AsPxdIj11ZHMsG_5u3Z-gj0ka=XxtVq4*G+Qz}F%dL89(Dg1PeIGg+SSadSJHnE)1xD4QAPIM1W0GFr|W=`tQ|KRV21Xqe3a zf8`&cdx;T1IZ4MpOU6El$G*8B2$W!D+y*$4k82x@A$DsP)Rp!_JKMmtS`i4BwBJ0& zrOd}^0fB|LbWJ*S{u)TCSRAD6TNW)B5`~5Dl4;5v?jRKA5#0vR37}{v>U<5Ejn6T; zUTaCxSa=qM0XPv<)rFD4>B`)j$}U_BgM1th-G?s*yU^T92t!;UWbt*}RE9TSX9WO| z1lnBg2hbG>?8-kB3EW84)an2VOZSkPV&>9OZ^n=d^;IDr5k5akNV**fDkWB+XW0W54dVODt??>=5k`c%h^lz>wP5x#dEM zJQC+Hf$*AMivlyAFzQS&VRMRo!N(?DM9DcJwKOqQ5hsFwcOuonl(iHaOO@rTq9g0F z)|T%3CuoO$Eh=y0y>uk2Yw%cF!&V?Enr$K@)g%#*>{MNAqq1*y)a17M+vU*)O=Iyd z0njQfMT<$@o%c=ifq&enx_1ZnPPyN8mO#=;>!zSNF)IYhC5~FNfH)(%wamX}dtoF8 zq`d$*x&*(O@yIyCw71@&M-HTz^CO9}N~7Pyc42k=K>G;T!i zxt#GigCBm~g(%0CLaF1suVXEnnrAiyAm=U}dpxFyUq-meT|D4KPYJnLH9jfk;zLdG@5JB}F^9~;>!*Klk1QnVzI{MWg>RMqE8 zMZIMdAs>J+cv}wu$4-Zc)z+idH#?eC{wnV%uKpE?UwSwf2?`J{fi}8v*Ef?%y`}*S z%~-VQ2ryJ`IlkAXDp^0Sa87>=yP{=+qj%k*GP^C;?@@;OvYjD9pwa^B*81-cDWzun{q za{ySGH{E4t@m>bab^5~q$~7nsFmbZ)6|3g>C#NQ|15%*Tfcd(*3E903mH9Mm_a>1# zL9%UHE_3kh^`PSl;Gv7vIlZ2*M>7aJule&f(=tdQL`D-TIRJqyYID<=JM}zRYkhU= zFGaN5if^{I$F8y3P)FNl$@&NZ&4rF|xe>soE60&mk&>CeprX8&Y&j&K%h4p%4Rqk2 z2~`ByQ_9oSg~>X;gA!7&idaK4!U;-*15|Xm9t!h)bVN`j%E>mFAh58V{Z_Vs0JHCg zsCJgXfnR_hw-76KJ_^bjO8Joe{d6BT$3Gj_%fs{id-2`p`~7_%2I~F(vydi+|AU{0 zkBf`v`}fAKr<0raJ08d9OF#Jy_4n!i&ddG7h%~;ikd_AvcZKI^owd>%x?|bSe1kcA zK|9XCl2*ci;SPnvY0t#d29|bRH)tnuJ>bZ93Muy|bH6-tb!||Y)Or_Lk((LRtKAc1 zMdV~#4Q7ja1xAdi>eyj1;?dp&da%5#pEp*Spn?0xTy5e0vdMaK?2+&R(xUrvLk5EaT_}G_tiYDa! 
zL(zW%yk3+!$Q2dASO9L*!-L-14)R~oT%V+`3^SQD@FM5=mW=*e&An}TZ>3w>ObwXE z%)>f8toMlROb-gSKJZzj-cxkVMun_7*g8sGL*BE1zm5XalIn6Zxp6v`R~3dtIf2zA z=xHz-UcKm27H>7EiYs_GrVRq!IkprfGdgvi&6Pt34iupu()B6%7nzJIrcTg{HNs`$ zKbmD*vGC2twKfXErr46UU{iMIDyuG2Vr(sb^0`=mwhA)TZv)iFDB{L~%x(_Ozl%eB zbpD)fZ>QJP?vzl%39Dv(2`U@yrh|Mm3~X}@MS1~=gUoIFgh_1P^VENmhU~$x#o?sQ z`SUtt{WEWZv6=8dtg=f-$`e4~*EaL42GNfaF^x-uucgk9S|% z@RY*k#|~+T47JzqRZ?W*(5P4!y+|jEC~VLXlL@pV-Z8Wl-};z(NhIQD8v_oP5BpJ! z|0$4TyC&t1%t3QO#!Ws`kh~Vm{){qN?1|RS`-mmP{H6l0fFfCuLt>#1c2O^N27)pt zkkx77hGx^cOWG^RU#s4{)1PWUu<@jrkg84z-|FBsc4|>2N}zF5P*!Xh=kf9$LrUL$ z9F>%Lv@0*)@U;BH)9Xfp7yUIjb)V`M*1jae;KEM>DTd*Ul3U>xANpbs6;diuqZv1f zgd2=$0qFt&FIzWYxaGSC)(*ekDn^sNwr@jd3@+OW6!H&h(n$fhCUSirmzRZuh!lPS zLL^ZeLQ;>~7x}UH*uV$&m*A`Hhz%WyojKb4j8sOZ^2YPq3Pai7Mn3xDbzy4XAymb+ zFitCu;Y%PX?PwsIK7ZYRZc8K-z^W9CG%&GZX<^TwK$_ht19(&BLtKw=eth3#{UCAS zi|(ORX9y5<0DsgiOBgx?Q()XKZ;umATtPij-|>=ZF!TnTI!uEzp@d>cq|X%FV-7-# z5|`Vjm6Pmdbm0QMCE>0y;s9FnT#6Gg+S@8Gt9jn^+tD~^gsDh)n2AW{O&Tm-Hl6?p z={i`KAe>IOL~^SI;yYJz5zVNbuiOM~bE?DgQ+LfvL=h+L@Y2=UM7W|3Z7zbwGMR;x zEJNj>kk%^5FT$_kDhhawUClee4MNAQ;VEIu_6eCjFOw9fb)6J;45Rlrn8$`Gc_fi~ z1?w7{D41fOVK*H921&WB45VnpaX>$X7|H`c&sm6wP(5}FXbPk^SHRP022+4NlL7AC zNAqKLng)1Ec9LRTBfFybRsw>IpCy{m1%k>maouopsT2HB<~Kb|%-@-eHc-#|n+$p{ zF%4;p!%SXD)^Z9W`BchM%GBredSaa6;w9V1$d|(@f?3WYg_MDQDygaBgaU6Lw*to^ zy^D=W1=iFE8(tww!@w%8?8ATe8RuI4g+YzHc!s187;NVlSYo{2cj1cT#7{s86D0nBgux14al`Sm4>N`@sS*u zxBE(0aYa9K&qPhl3(~7~n%N`oiWRzeRe(WvCH?}H)ZNZu!3TE{9i?e{$DMC6(+oGP zvUV9t%dV)KFxX#k;55DZu}1j0HAA4S7#~#?sR^W_noc!`1(u=Q=pWN}(P>~=Uro@I z21tFgQSHkh+t{mOM?A0!y!pIhk;lEF3>weyJFlsF$=e=iZtg)GiU)bMV{Y@C<3o}HwdCn_cdgL%& zS~MB_5v5@|064E6Wh_j3A2osuOIq^~o;!&GgmR%t1$<9bBa8UE9@W^~MneKt#SRVD z9=SwWpQ*@a;2c`mHC9!(ge8$PrMrqf$IN#J*gc@e?Pd~VdgK?tqdecFXIKW#7M*t3&| zAV;ALL$G6&EwRxHWgl2f#IAg-nwU2ZwzZ-h-=r)bvc`~Ud%7WSl!6;d`1}0^rzpg< z?9;nxKBoNYQ}KzXJzsv~wX37F{aSwWsr=gQA>*>UxvKo?bNX>al_Tr2`zgk;?DO}c z=l0)>*J`!Wwj0y3&+F@H3-pwx)##rQ@zcs(qII2NGYh95bd$xau(hfHk3enenKL7(7 zOO1vkfdl;WTl%@6zVp7v 
z>VAY>!m88w2q@+C_W^3;#giF8he_J}Y4>TSA-0lhj#h(x^j`U4Bj#X)VNIVxgRO2* z`-+SNzp1cg3>&@+%+e!R96Yb!+_aoSD*-jkpBlm-(|{B+@&vp(Bk-QPd0^Ja-@FYH zOC>TmQ!_GHn6HP(3L?f4=mr1p&+6ZCN2_)#dSPl7EDLj0TEmf{jT^*xtjVxUfji%j z{G;zXAfC?y%XKu|SS44Vt+iGUvel^A5>lTjp0X3Sys|0xh8RIbJ+=tzBiPiQ%f32$ zIupVuCZWoE>ZtWP!(!7mRpK*Nt_BcdSZHeL(YNh_Bn z(y~0LC2u=EL{|vwwCAW&zb|M!WFpk}Nu_XxWo8m_ekIz$DT`DMT55A+RwT9_==$5} zRWi7cLXnBdNk8@W`oC0I(+$foPIy!@*8u5r0fn~l#tnLXU`r}z0mvX`ek^CGYw-8zZD4euVbSoHuwP&z!Zt}gr7-+kM zliUS+!r8P~fbjJXu^!9t?uYn2`Z5 z0?8=S7B#e#zi6%)SU{j98d+C2d^vR?t~+am0a;){oCVBoA3;oa0Q}EOZOlG&O0Nhw znpGT|ghj(5D`H7|jA0*}p0d}>HofI=tUIiA%kX~51^~ozOxXtP$!uXZkmsxU>j-t9 z?@;iv7rF?}EE~M`{^R|RLExOT92%t19dIq`YZ;F>h0{ky)L;F#`af{eZT1Z6nrV{$ z2e@bHkI?7A=$O`<{9~}&NEODE3!s`1R8G@bIRd>YfhxR1K=PY52Ym>WpdKymFHfrk z)eM=q3m+{+)$X=<#@anq_u=*30z)>+v?o0`l-?#O{Hm>GkX4_A;lipF*2YPAE~v9!myYH5>RxxPFn;Zx81cJkYO!P}3x!Fim=WeBHD_&C{+6 zyHJ)c9?ANlD?}6{P47y-nqM(CXRJXW^tlSCQ?X2m+Iw4L4J^SCRy9Rq84O36RB+88 zSU#A1++Qz8yl>$`8QSSp7bkj_e;0PMMGj380LhBXqP}siegI^ioEi$pq?8u&QM9|( zY!Xv4_4q)1!V~hTVn3)O<>{pENpFWQa;nBXA77Ag`Z?BT#?SCQ)5gE})!wmXPRo>1 z8I4-eiA0&-Jx#rUz>oI$vNw2|db>N>+VsA;QygvN_MtP-F_fEr7gor+hd!$T60}mf zhlK6DUHy85U;wNlvWqy;$xqD!Uh%RGj}g%~0?)U6LD;P!N&P`MIr*@8u4J*?WN%R4 z0i>@61HIiIey-OyYjcwpO&d3%%A8(YJ8&Ks^c4`v6wAQ#&0csZC({k|-~R>}ai*{b zW~&v7whGXxkV}}u1YLqr%2wZjv=k00;?w7+^h}s|PBU(I1Cz-tivATAlxj2>u&?q0 z_mdp<8|kg#9A>g<-RxNN0GEzunX}2KMxfj6fh$`2!;HP@S)6FzPEgBr&C%{QRIxQ2 z#M01vAyd0m^Q<NHnbLPw$7L&ag==P>H$ngR7{e(*;oke(C zVBWp{ldbZ{ubaSc(=&2OWFolAR>byn(?L1C9vrDEVZeTvYdwKRCPl6WIbvJEwhNND zw9AHim2^l3AdBo2p;Lew;?zU>{8&5|I*SjuhjPAuLVVgVNy|tJ0n|xgO2WUD&Wv64>N%UWz|rA`pt_UbqO>j3$av&Z33POsdRv7{%}|BZ=kkfv#DsO*rKiA z=>a&Pr73<{AYeOLJE_%KL_iwp68B$#VNb_=wPc}u2o9Xt@y1fQ-7i=WoitV+C*OeV zPR_Z4v6dRy61m1dH!YJViuS}h&-5^?nk=2)jhlg#aN8ElvjV2v$(_K~fez%@5Rj=* zRxkR@T;yoAlEAU;f1ED?Hu(GKe~|e5Dm)(c`TqJ2rH=Og`raSTr`3Gk@9*;UyuU4v zPR5nu&&Iu_iRt}ZoA+Md1L(Ype`V5Xpau1xN>6W-9m-0~k8uTY9d=;DdO@JMEFm!f zj)}#XdHL5vu)Cg67u^_^iszj~_7iJYnf3T$s-gPsDF1j&%@uEun>q7)OFD{%6!&l( 
z|4iH3T>ma^Z1A=X0)`7Q+E(*=Njbe>5dq$Gc+th?=^9IGm|Gj9*yMm__SDsV3riC0aK)Kyzv*#ndkpL!ssPSo(gE z9N(f{03Vb2@>%6zF5w^f;Zx;|hk`n$h6WS;^h(a(ihK(MGaYPeVDfhiNX7Ms=Udz5 z!=cUV@`?&x4$*{fx;6Xl@Dc48+z;Npm{`7Xg;0yd(F_QdGJx+>)NL$`4WvYz`UHZr zgZbvz_A5a8vznp3P!&|^HhyOxsZ@LB%zdVkrYH8iouEfqzq#xN-pC;~dWog-A z*Cl9t9%x}6qtj#?Ry#`ag(VSxim~$D(zH> z&4s0sMtNGfGU;EmLm+ak2_jq(DY!sQ_EA~1^*1t~ivi3FOHO%B==Bbqi1C9XL`Ne` z2y8h4^jt9Qq_QKS5c=&;$J3q^x$Dzh{fRtJ4}j0+ASQbu7AqG49HG>s44#JRn^g?< zwsm(1EpuS-`hYPG(F|4KGqaMTsRc0?2-1c{d0)JWT10J3TDq0VI=V39KpaILvH5IO zXBAY3U=O&6IX74xS2pC}66>|`xIVO}?9ZL^FGH(}3w$t5M!SJ@)5FlE+pR6~Bamt^8`IGG%A?u>J$6yWt^uMRlC%-a-!h{>Ir~-B zhDO1iCv66Y+q`0mucuToe!O~_rdbPwq?XPZ2QzyWU1}B5{BfYTHQ`x#YGQ*M^X=<( zNfa5&(Ic*)Q?1lgn)bTG4@+z_9T;5thW8rsG59bK#s7Wj8=CaRxdL{k-8rtUKvvy4s;a(C?; zGddT2wPB_3UyqTFwDUZ_vUxf$ufDOwWPZ9kJ?t*r1bZ}>0db38|Cnt*nNIn-Gr{gM zE4N?o%)I@%;I2(=Uu|UB(3!Q>&^2zVOx(4#upo9)UhrA~Zg?mQ$fiIY?<4KX2kLc@mAGai zH~8+DRpOxa;`np}m|v?#9WV!z?lq#mP!D+QhsEX*@KOQn7SR^u3H%=Q3U+|MvJ8+J zbg_{z&P@X7G)@}-)2E*amCEUw}Dnd%hS=9(Rg0R5{Zuqy2$d?!M)&Q4{#-4Tp@ zAo@K0xyn7GIVVmrCX|x0m-$dNngAK8blr{=2{qDYyF@yWLBV3)R2 zZwWhos$OYDZy^}r9&YRN{sL5{v+L+$`zvbcl;}_qRF8bhvOPo&5ekx-i74k3U|=z!z%xH!@R}&^TLf}F`gvN*hI0kNfWeQ}(s!VUhPs3%r)_?Iwl3;r-b{6us z;>=O3rdw%|;&5ZiNpq@pt;Oh@d$$`NKrd}^+l$==x}-1TbELiO8W}uQzE21iyE=+M zFP{A=5;3N$JB~}kF}34kcdaMvu4_!&9rMXyeWIZv?g|9*#@QdPEG8l^0A#>DI{;ol zp}!7GC^?<5d@h~JDxhaf(k9(=IE8K3q0!;Gtb^rdVJsUfcaG+gzc!x%ya!FOUXr*? zA2YZtlwwO`*2vWW3yOUPW>?_l=B5RqP#+v*bAsvnqM4nAhWb-*b-ZJ%&Zf`^N13?I zv?A8d8Z7Hp;|bgD)*lx~PCBxG@8-yPn~=Mu70A={UX+`JB3ywz9tfFCLvea<1(Pu+ z=QQtZFH{rJR>J(gQtO4Heuz|$vB+ccd#I5>P!4#9?UjLK#dEUx5oavE2wCxE;5$6SgvgMB?D@_!^C$zk&lmTbo2?l4=)5b8{_$X&qAA5J*Nk-Q1UI?dOShVn zBha%Mm#_O|2T<$Dk@d4`rW4FV+hUJSop5~(%gD+|4#esobZ<1B5}6qLuByUL;(4pc zxiSoEH4HBIRSMW=1*}Al*jDHO1r!r2+tP7oREE{=?L8pfG#(S%G{4eHWX>?VEB!6) z6UC|XF6v+^*@57e)y@&wFtb#%amQ|p;o28vg2{BimouboY}eGHmsmC|L4n?J%i>!i z6H)9NxDHx3c)M4wADvzR+uBJt`dwafa*GSB)s)QY37GFWPXY7(UXe(SAk$N3#fPU! 
z?$jfQqTZ$a$*u8Dd5YN@_hC2#+B`!%0QLH{5r$S(GEpRa;Vxo(IymC zxnu;D&5M*#v`bJ8M&RP~ySYuJ=u9~`6swdA?;UAai!=KfHwB9e^JATO32)3 zQzBlk*9mW^#Y_J+3X7m&i56851#ad3BIP-T`PlM=*P{V}j+E|-_US(P)cbhlYu0!`P5qStZV zyLPBgWwKbGY-N$vNJ$k-8iwf7a@O(&?wA(IaeCuYIg%lmGR;v9Y&hAajw!;;QQX%K z_?p2KSIw<{{)_7wOZv9Ks%t(t2ollBu zOJ`lKg93^eBL<&)NOz46YK9^%o%pndrpE6pW|oD-dfoti# zK-=dW1!VVhd;i8gx|!M02QB5HJNrux$p`sLUlb!5Sk6H=#r^ZybykX`u$1T5#H&n{ zi}e(^Q;Kw0Ch%*>QZ__kIR|~;Dn^>#7F&Su2c@ENV9@rmExbY?PVxIpS=&#F5FbH? za>ip(A+g}BzL{mms(d>tjLMIt0Y*j%{}#({nZyKvq@MZh{Ob68bFxv*tn?PYC{aSV zvyIIRQ>YbqvAo1|z~1~8sDM1E8kh@bb-LJbAVxgOK$PM2~W+apA+vlctl z#pBT%olWf=H=vvqq6K;PA{R|naS9swOa*V34LJtN&ivl3#b-8<*29$?HkU<)qTNsn z#>RagFcf<;+Umw*7znkCOU%63n44`cQ$x=G@`tsd{uCEG4lJf$f#C3ig2#Wn%_oMH zKr9fKiMh2l!Ru(7(QS?VG}v095^7dL_|~$kZQehs$1lpLl$Z>g?k99LU9?7xM%mU% z*>9!(1Be19Dt)d*j zi9Kv?=){R$!A{m2%~MAK1PyO&ps%{f_yG=&R~s+b>i-;ltotu)cZnhur{G`VrUF!) zw7(Ots7cew&OEE(wmCTZo&Xc#8FUzxEl_!)`!Q}D0nh1eXNi{QkoZedM)m_i5LY~K zF+j_zbvLE6{THjp7V0$nkyEu+w^a%7K)txsLx67U*cFLk2XBYxE4oBD4YU7gw7#VL z=^&w_MlACfHp@42 zi848ekEZT%`oA{y-$&Cmm%2W4_fVvQ&9yHc9=9GsGC0(>FA!yaLQ!E!@LXc{(D#Hf zL>}a^xCO0-x5O&Ce8x4eFVmDCyE(#@DvtA065FYT@I5ZlU}&N+<#?N@(ds(hteEgX zYIoc20gS{Wl!L|2i$UN=j5*s@tqdi7_*^mV$ZEo1CUboG=`Yy5{9HVxK6qz3X9VRK zT#gsZ2jSvBPXKFIV|$~rjWPFuAjtq;Vv&dCMPDIxSA}N!D!!d7D~W{h9qU~&Z^k;a zku#$zc1`G)ByB4%8x^Zf1}v6&sw{0zO5h9GpDgnRwNm!#`g*3GHR%Xp?v=Gaxza2m zZmihcO)K15^!ZXhR|@i-G+DaZ`gp02m!QCfMpbJpxy|`rh9Ln`$cZSHt{i?g&^Axr z;E#wSjOPBDrn~v@0!_vkwGyk_@MPf{{DoI&Ae-Z8!J1VpT;J8v(92(ogdf66$R9$< zWiqIWt*QeDpib`#cfq=HGW?g@&yGs+h_Zl4?jJ@BilosoD1?qYV;91}5spkO{GH18 z1E6douSKr?BSgj%Yyv$}aH(6Pe|xmSJ3%EGqSA2;yMEWaJsPdkI28c{qO|is*p8$b zu3wK>UP0vFdEZDN^U;O!rZ7%p)IDquG5&^1Os|nJZgW$xr|4) zQJ~Y=oJQY4a0?QTEuEZgpnFu60=6!fo7K+>;eUtf5u5TD(GPYK^P!~(d#d(Pd6DfJ zC;#Ak^nuG?frR2EbKFlm_7+LHNfO0PMP5T0^$)1;kfiE)p32kh7twL)UFNUDg1wOU z47NlVoQEo(4pC_e-5g@8zuw{l;(fA6txvw=F)LT8YM{-h9#n2@J|JdWj^l9qz)%ijGW*AOC8u{lcm6TAmOG}8loC35W zV{Hh6>F=2e1BGogD(C+=`fNMXt3G~W`}jyk5#ou9l`*=SRD4ADTI@}I=$n&eoFrW0 
zC1frhjz1h5%y+^WcM^>rHIwA!X#9^|V=WA)z*SWobE4fI8j(ek`)Ym1^;6-gLll~< zQ-OB*_DNI;_M!rOJa6s{#8V_xC3M?uN`%@|HP|!W8yt8Q>Oe470(q!puHCiX64vY`~MHlf9Hu- zUK{O-sh#1+<497%6@^{LGC5L1aaKLNQFCosc-JkS$(P2$uq|I90N@B_coH6xr1H}5 zYk{20nB?v$*2fOk{BQ6)#l>6;;egTfhg7T=H!2fb;*=!pwKr+h3Vifzy|4)!#Dn}o zmP90UhIUNyu5N>1JqYU0B>E{tf8>FXW zS=tbhT8!5Ta~yfNqiV3p%L{~BN8^b zO0Lzx!0?zSSjr2WC0wN%kDhVCs3~;!E1q4YV#oN;nt0mF)5jH`S&1NvLY26i<+PrN zO9kMbrCCphyle)7ZrcC$T}-;DteU(bblI7RboxIFuaNIl4_Xg(1$6iMrm{@7u#&M* z&)m=t5=@;SB@8O|g)61b(}wa^x8-5}W>ES(jk!8^=G<-8={Fd3Yr&8yi{?L$^LooB z?RWS5~x+V8BWZ=x5jSyHDiJp&esN>A+2d>I%(fGD%amzppymcUI?yt!14goInDRv1 z_8c;jN|~Aqt<_+q3&ATuFA7$z?ReOidYe7|hs@`^j7?loTwAGgR^^?8Hth*qBJE`k zXaMlj6vUew6ULLlCSf!a$Y~QR%pPVU)zZ)684%MmX}VnnpnhXPY(~LK)$DMO_T}3? zrD;1gQl>=-pNyi--}_BU)5SSez$&RaIygJ!s#9oJp?hr1n|i-~2j~N#<(`c^B-ZY+we1+hhYR;;u~geY z42oaKZ~S?`DhGeM!~*Cu&VL?UQ^BeG#8kzJSIKCOp*FXVXszO@oDAU&x>sJ46Oq(b zexEsjANVq1C!2WQKr5tDvlB6;ThurgI9?9iuyRUF|`0)9YMHA%IR&=8-Wsqde2Xft`^ zS3ZZ+f4jiYq3uACBnra_KKrO-vm6O3E6897Zb71B(c2`gN8vRNu@E+30SAg#QzZ4y zuo(|ERhib6tO@nB+Jx5YB|x8QE)YY@m8c(yy?bMF)v6mBkYN%P(Fh*3cwbgcorrT% z$iTkT_2J19NnOGh?&|<8Zn=8Ssm)=-xtqs`qIWCBevb1&HgDKc)q=1o0t*n#IgCVu zpgakzrVK}m6(^EC;GXLzRV?$yNenWXmvrttS(_fesS_&@B8&*$D^j#?gv}^=E@2@_ zVLvcu9LQpXK+48W%gI`HwTe#Bw7(9U&zqm=M9GAO0)SOGo%QSLEgN(qlX}$WLUQG+ z7Q&EIb4%D_8Lt5YbX;am@jMYate0{hcmaCQfasBYjyXTN$ zo8Isal+UB&r)GP~M3j{5|5f3-T`&N3>dQdZ*=3;c5CHB|5P98)MCT=74XWt(LQ1_# zqqK)?rI-z(0pE|N-_6nGPdCXYU_~y3*>iIrOoW{$SdBCnkR3w9A1EAR9dBcUNpEPx z@dRH@DusTl-PI6TRMtRjl*Flgoo~cL5qxK|q6yXqGo<(2?@1`v0@N4PXBL^MjwuMO z{^!aOjj}|7ow!IVQKV?XNKmn!p&*2Ql%h=Xdb)*2OKq#|%#D5tyz@2IOqcP;_vMLR z@5_Q8&Nmt8tGRdU#;`G_Lr-l>&nq4*JmiuBcOLXl2ZSGQ6=Fz>mE`R*nwzz8VI=}5 zG-nzP8JDllIZh3{oWkd|*%9SCbvvmaDCx=UprTY)A+PH0U}z@s$|<+k#I@4V6%Gv* z4yfUPEv%Aio5SS`LGi+M6rMXUW9W}H>RMlF60ajPFo8o*wflGT(n&Qp&UMG&bEl(} z1Q3Fj*(?iUe<*tuh3KaR>j4 zEqLmR@%Rst|JvZU&YGi15J+?*ISHgIg=R;=JCx98suq48(pt$_k`jf5F%huI39gk7 
zUejVTt~VUpR44zE6ZZ4;7tM$)edvf%vV9&SpL66)1~5%lndVf;P-z^_l%PNY2CK}TfJoxO@G!V6qsvInCzb1+U2w*6BYhgN7{Og z>h^sjOzM1&62RqQZA^WJhQ@XDIo;q3^)W}Y)LFyLyoRHapPg5fWf8DYvkmTOatEYo z2{`4xUH=(p$_UI5I6-A4?0@QnbOC zKsIv?S0liYS2AG9Urjc1WiJG4&niGzp(;oz<|yS47SdP7-HZ?L^Tsh=q8JtBM54&d zdi-I*3IzP3JGkIMIwgKOWZbxi*lzpJJ6Jz=@1yVYX<=czd^x|XaewiD>ipq*`92=b z3V#nD3kwGaZ-0MIDkmQo@!#i1Z$&cn_Vw`Ld(BGuM1eTDJ{}tT4Yq~iY#KLK>$G6q zN_Yo3yFoESPa06bfaL;+!DT~FSN0OWRo-YLc-3b{dG^nHA#*$2b9kj)7G881mzA96 z(kk8TWsGNHmiwv=xAjQ|CF$6!IpEz|2(mM=t{&A{nJN$cLRn#JbvsM4dFYwWk|4~C zZ-o5$H{In$4$--z`n6c3B!{P8LQq1tUp5ps-yG+C$HoUYhU53`gwZgLxQ(GKgSYIA zGl~)T^q?5t0anaS=W2igVa5cw>2E`>X$j4r-qpryEk=SZ__@G+Iw7xmPZm16HzG4%f?`;jz zQH^EV`?BW-fLF{t8^fCOCT{%M3t}GZnTNfBeJYvvjB#L9K*l?DBjDTT*Tx0%Exu0rbq zQ0jxxP&y_-+TL}?6dncgMl3wDsWkTdyJ0)Xq7{0!D@G&X0YbXW_ES5zjqn!$lxgP zWj~|g-x|_6Ep>J~i|Q;)ZvXlyI;6h6g})Y?r;U^u#A}yW3(ORH8(foPV@@hF8seje z3YFf5b|Kzr^V6wO4|hs*sj@8cDw`r$MiFjhObpF?Pjc_7!xDOOSCETO1hdFGHrWL| zxsf6VQi2v31@&pG}Ontu#eZKAbgq*n^TDptXJik1_jV@ zF00WD(`Oe}Fl_|-%);L@Ie&Hepbg={Yywu+F1LWWD@NNp^I1cda4bIMjJ4brv(#1y z51UWD!;voF7IKD5pyGp`e-lnmZz~Hp%Spy1<%A_0!`xP5=js?7cRMpPt zYVy=0QBVjEl+hNE+%DrmVJ;}h|BU3u=P)aDQjcSIkg_Z?iITanee0-9o%_9<7PDlT z5686$LVYrr!Irw~=to2;|3HbHDIhR5YyoCoXSTqTg``CPb*TVxMCeze+l?vGEy* z;N#wUY`SBW(UOOKUP0IXRZSoc1>Gk+F^ol{!(5;q8gO_cteY?E1~7J|ixqrXzfPYC zZ{$o2+!>b^sOIouRWqKn>Kgt*Y5_2MH? 
z7t{PDQrQP$&k+gF$>ol&bHwev1U(VKs~H;AYvS)9XdEAMD6qlkRbLo@M%YT~n z&NK)m^j8t#>2pUU<$IV@*VLpqY|rgddl7v?cF;ak2W2n>cU;$?fgPRvdQ>3CL17Zc zmz-s~eI>sQ%4@ssSagEgkwabCyXIXJpWFEFCT6e{lw*R5f>hoFloF`sAVHEPS{7ZY6gpy=sy3mQNejT#Oc4Y6!&*8{V+MS6F->9VqMr6k5~9S@(%HIt)rIE@R5MNPiU=z!%NUi0}eX!;!0uk`Bk2>7iS8Y`_wBbK(7W**d8Z6Pe?c8769V0#Wy%9SFNYSi zw2&eHXVZQHwFE9wRiz8^=o$ND^bFKgP2%#T^-E7+&lB)Jd1`N#r!`gc(O>lOVN_hJ zYVMr1eFYAN{+MLS%EO=0Pc2l552(gKSnNZARGC_2H4$0|q*_kl2-l!G^})b071=wO z4Vbp#GppDr2aq9=fJ0s}%o3k!fUF*V@>YRSkm- zN4@yF0+!+>9k*`Suo?gO^&o1lWuMzltN)O8_S*6rug}bjo?Gp|+Qp0IH(tLG{~Gu1 ze>1loE)}1$B^|dvng0dg#WWKBvGzWim;W94cV6+i<1njVq&VR< z`8}*G<6wd0@<6YVTDc4ms~!kpw++o#23>INX`G%RV37LL9X9uiS4YQ)D`D3%xXine09d-8ihyu7;{?A(R;17?3B6Lzs#h{5soJ zMzj^(oYf#MfJ7fn7L0*N;uAS zRKsQcEk<2)r`8~0Kp!VP@1`lL}>mik5!4mw^a4b0|o(>U7%1hL0(BJ zA^vPs%@{UcLALMbaPjwpS;Lmr?K;FfM3fkIxe!i(FE(3h|3l1d(Q?5lp{9=+UA*QQ;!3`G!ZKjyUSi#hs z)z^d(TeWJ*ny;|@kq5TA47^*&N833YzrcC^ct+FQLY;VYzGLcazN(o zHTeKsz;%P~{ZpJ@zmZ@Ok)H6)LOqJ-sh#TQc&i%$vzI~Ip zhsQfSHT#Q_NTEhcrooI*aXBskGMD`lY@+nb<8^GWJx3Py9N_Kdo z2=N}F>JDS=2Vw6OsP~BcrNVKWcutbSG@?he4lzgmU`c}bp&f^C5vvg6+@J8oK+5T6 z(&OC$I3c0DJ{GH_?e9|Lmbn>hFBbbneFib-6InlbFg$>=Tr9VeS(6LAK%pp9Gw$G~ zwy_U$B%Tv_KdsqvpOS0#<@}LOu$GVgI3^hVBZ*MvtI&m$I$FYSE*5McS3bS{eu-`9 zz*x~va5x4|ci%gLQ%v$oV}aFvG-z(89iOHQZ|e}gH{7Y+07!H=FsVyLNck>cTqj?` zoI9c*8*GU7d@aEg8j%iuXaSQNk4EORR>iuCFm(XSP8l2w!*+sMwAtJrtRhs=Mj_2z z)gsi{>7eMzG*&#u7WVMAn2O=8Ro;-=Dx|RsG}ZtYK9Gbl$&?uDg~A%c1H?tx(u)g6 zkJ-hzQJjSKKVPsF*y(j%JwXU8rC&#ooI~933_er{s(9_&wjZUfB6%(AvL9Lk)pT)4 zQ*)Xi!|7~(7kW{>^|0Nh@q5F}6@lvtqKVMi*cz#!3=Y#ND4fWl+DgOusr-fXhh|~B zxn1D+4irhyNh;f4QrAi!S&imhG)#TLPuBH+gSPSWB79|CQ9LXpxsn5;&^u)s6dy0c z^57Ynl!q1kL=Y!TD0_~&)w`2eHSBhD1Bo%nH#srCg>IQL@Xx6H3eRy|CYVgGUId5C z$@FHe<@Wq>zQUBU!d_b4R>58?{YshS!SdW!e=avfcrLjsYyQp|60}x$mFtYv2Z*9tx1xt*3Q|WrN?S>|6;x6V?CA?tbX|l zeb(`sODE&TfSnwT`$o=g#agD^-cDwJ)!u|JVD`mH*XX&e>TPG?s`|ZylBG46w8xD) z-Icg{`v@)nB%hi?U^k+0qTgc5d>-0!8(|OU2Cdg1AOT8(bdI->^s{W^#k9_A&Ght8 
zsR#|P1Rj@I^h=^FV?($k@3~*X@SB56sa`v6HjFAcs*g1h>FU5c`YQpod|#Rxw4N>aws?1)ti-nKe**iwD*o zOV+7_SsVKkJM;pJOR`QY>;;MGXREU#i7(_trxY!Y*KFOS~96Ksx>)$7PumgaV(7{6_Df)G$kVo`G^nL{|5ePZdJ|kc_oI7P2z6OX zo8d|X+bV^L2w7_$i~Y4f|2x*j1z+7}FsjZ#md;4BNmb`#$ZQ&w$b@nW=qGx1XZ>R0 zIkuWFB}41u$4n-uRUicnx0@lUc;uoZPx)f%V%_dr{F!GzREDdx!5Wg-CAu5*r4bel zcyoHrOn!_6u@se#2YkGI&Dx5H<#7|i#@Nq858X)Pg)lskscfZW&m^ruYbd1vvtiMc zHbR)Pb>DhfxB~=u_d%5Z4og{%I_f2H~~{BMt|mH za;>I%n^tit_f^%B^zn|)VKVH!1wdt6HB)X=$A)Q7UoLSn z7f~XECA|avO;gOb>U56!q-nA**q|4h`zpT~MoJ*x!tuv3M5OEr)YLpP!+5$HbUB(z1keRT7(dFN_Lec%^2Wd{vV;VetoM=AA8 z@(=FSID+I8PCKA?{S>svhgR?Y_rQa0DD9SCUbnV+5p#6Vf`-6|dy7>G*XyBmh{3IX zV`wC<@J=|`Pt1`qL*Sy8l#UA@w^gT#D_(z{-EEwh#tJf!A4(O^0(Oq`ITgv^|3<9!5B4S-dP2%A3s_TFp`g7ae;P~D>>~U-&wCLIgTh9Mb zB-MGGCB}ZuE63*PKl~Hvi^{GePX;HxJNP$YvR(ogw`z_WaBbDEc;=4%NW(A&{FP>VX`+)H{~rJ;K-RyOwbF$Y zn!B#|y{!tMPIsfGFs4c0koC_TLjU^ajmD-PpdV@*&SFdRY_b0NgFRJ_3HY*eSXQo3 z4CCml^8TG+qKf76y7pNLc56sZ|5qw<&6IX}6nHbSKvrcsX{a$>Lc8-NBr?xYZ*tXP z5GQK#cmX!z7qABULsi>s-;Fd0^^;IP3H8lu66$-eNvJ22P(OBjlTbei^$#i3UxM5n z<%mCT-wjisXJjGQu47Y3Wx9LkbX3QtxpUA|g~A}@ zL8N4DwGgQOQq{}uY248)!F$7&JwxrBN1?ccrZE}SI%d%Bev;S+2-TXeMeR>LmmN_m zgRhrMHr9rIu%qc!&vz<%*!tvt#`Jxxngs7j@SX(k<~0f4z1JjolS%L%JHAQqo&@iQ z6TF+|=COu!ERo!6Lm!r{?q@^q2{5~d4ZUqK?|^+r8~U!ryaV!h8~U!ryh}$JZA0(0 zn0G)PV?*zhmDhpn&NqEdnUE$BAz}q8DiRDJ-|xxpDq^pi(&mQ+Ic>eL11t!X zKM84mf-3l6?uS76s_d|1~pgDNA1|nV*W4 zR9zKk+h*wVAOte6#J*x^EtP%VX;{pG!2~r1fP9sqG_{{9yR?fS@509Kq`Gog&Q}f! 
zODjwHYbW(pRbdz84ZUInw40^uEP!AKSpmROsqPzBlOA)z8BI1oQY=n*UE#S!tqz!M zf6Y+zbkh31;k}oq?6@hKTjO>HbpcGaWl%{6L&K`1vd&Xo?ME9X?t-T>T-CecHxjcH zyOTd|HaugE&E45jm&(YL!8hd0D4uj~bVvmDdlaP(yl-vsysCg!t$~GhSH9H3pF0l+ zKR?WvhD%2H@eck7!|75=?^aj>a^V7W=YQ-y7X?dPn^e?S;K_E=^i@XJ8i^+qEAC!| z8m-6XjAT+?EopM~l4V^8mDE6( zWe=#}3^C_kRLJS=3n`LP*-`Z>B0$0`iZ z$+Ll}^%t_w>Fov0i>!}Cv@1T)+ue!}_-tM3+@Ts3B$Ko+xeaRg`X<*!CVYoJ>os`Kkw0x~@6alT*x;sxyu= zX3s*K;#xh7*b%5??gyCDEism3yM}g42Kw6)DhYItxuC|%UeC!t51)QKJpBIY{J(zu z{AhdhW%c={@i}dL-ZVbvjnBIIy*~Q#=(F)hZ-7w3Okd0OE1rd9vHxk@y3<6tU2oh{ zyZ?FZ(XeBD_h54x)M)S}3)quv0wd1klYWQ8F-^%}= zy}$o%+s5{V@qY!&=dNYDM^c(}&Rg%CndK&F$KS@OzqZpp_fF?&AQF-=CIJlr+EH)r z|NboO4S=9Tf}m`-=~Uwe##U0d`%7%g=`XAaK7Axkx=Qy{W%?Mx3{LVm?H zVzoF#l{w3(L!Mr@OxO(|m1;88Em~g}PnS{$SfN-hgJm@YtyGLEsE=?~fEuFt9V<4d zR{~gacaXiM*6A}^Afz_ED)K;LNnI5n@ zM6*^P)yLp#xNtUhwWaU<>A%T~+4Fy&eLf>!%L++q&NStPnh?dGYJ;*0rvN- zVvvkY`;1>5W4ZxrdsZ=htQs4~Ch-rh&&_wQzWb7#nN299=BFW2U9OMLu`88dz7G;fLvnHJ| zcqny(ScVaBJyvF5R!}j0v`w{NFMwqnO4|?Jq=i+)xfw2it+_9H>s$jDGV}XIK&gDe*?$vNW3lN|i*L z7q(3adsjsZ1`!kX`vv{^Q;cfC3(cxlC`MZ7r7zwleaXFcG=>5gYKNrQyX8*W4b5KO zf<&$y#B^W;yn8YG;t#XWdwYbS&AIHax-fj~SB&PY>RpI2@lHu}qg@gK1B(B0b93ni z;-lAvCbW=ZiFzBOkuo3Qf?D&@jC{oiy{9e&-1lyNa6u6B{#zVk7(>ZDl2LIC@p*=L z+mfR*@|`F)mOXJXWKlHDn|oi(Ui|y)bJ#+`?)z&@4PN;e58GkOqQ$;7j!*J4teR`3Pom&dAe_6(DI|2ii3D6DWIK z4-&CH(XUh5a}pgsb1*wb+QIDju=P8b9ecm^M9vOpr@EvSjb{puvlx-|ZQrVoThWqf zYcQhgH4`4%3eAS^uHHO!v7oL>dMuPBgZNe(Dh!7-9NP3t=3x>X)w?Qsjdm#PyQ?=) z9htcb(bh^^$ylBJl8ZM?EcL1{G(LH9!|9{Ws4?)sb&O9<{o?FvmRncy!zQx0?W1D} z8o7kG`okfHb9WfcuUN)JFJtetZJXCrSQ44$sFb)g0657!Qc$;|V(AhpT$FAB#i!`f z7h7J@J4P~Dt_!9aDnJW4V1tWMPc&iP#3J;!k1#%Ky$Wz2eI{h5VZP70_G`uHC!GPj zA{SI=t6$ByeD#=RQle5(^j+dsd1<$BvF2Y!EkQZTYE~{)6HY{fxH>)uM1L@5L znqGD!YR0V$qv>7JaWrE}mu1nO97v%Eu!wp9h_ksg6dLvU>Ej2!9t75dzpEb`V&@_8X&3X#y*&^xh(C)`)u!Wn~!TBKWokAbD(|l?#9+Vb`~O z{XN)Eljrw}D>^USP+FoaP_02pHSI**vdu%69YH)lp;fmf+F;K?3@seAa_V?s>9*9I`Aw8Rg0E_Dk~ zDlpFhY}uy?FV#Pp1HM%1Tn?=Lz}kD(@W9%k9q^?N_)^>LfG>5xm+Ec@mUduiT{HS8 
zU}*<@sn|phROdi-de-njb)bFH_)=g?`1Am#9yY9hA}l4enEjT(lt!TXM9z1~G|j1| zBT_#uTCX%Us+46;BDY1sR9_{F_NTY9k!%LlL-ZFjhGZ$iWrQJoQ!^^4=Z0qFW^_@i z=yJb|;2{(0hz?OtGmUehS#=j@2(9V-Mc$JIoMWMj&A_ap(@EP8^6Tb?kw?>=LwK%NfqzR-SSwCR8&b}%m=%*$PCcrY(RJK%_s1CE$|=71yiPlqE07P1jm@c)1F zJXVTVMAyPvzPk;Bz5BQJm+~PtsX5iz>Y9oC6{C5pkMSE_Y`@t% z-MB@>o=7-rO!VTWjhm7=w4=5R-{{{lxCSb&FY_6j5sJmw<-#aCSzT33WC`bRa8g{1 zz9Ie=Co+t5b_NhFz4m6o)=aoVRx+B;QJ51TU?CYC-;WmCoVp*eS)R=PFzvV z-tdyAYspuzC-oZdIpcSRx>E9o7yo5Qt_C2NoDGRfBw)Q$WWCOR>5J5}4{KKOk_k-< zvS3u#Rh*|$k&}`ySDIuiDwaNFbWxjEAL{2F6o{S#^Ap$Rw+#Aeh~?`KtXvngKLn+< zEU$%O9V!e_V6FoQ%t(rgA>^%j24X?n>r?0Yx8WYnvc}+xIjNPE6(V|~dGc#KjaE-b zisMIUgIltSuF*9NXOLGB#b{m7j77>vwE{|#oTI}hTJh!GACmUt+C1rnXBkG4oc(Zp ztjq%f7X;GKZ3JfTZ2#~8;hAO`Q|jBe<*c1P=H76``0R&ka&~zR1}}2HAoGHX+sU9K zl!-fDNnz*_xuX>a@#g*657$4Py?pul`ueADU;nS4&R@NEK>>#V)YyXu3*p1o?_eS9 z{nis%2-lTdjKZ?O=e=%AOO^xeu^piSP0KKDJwZqrI2#pPM)GQR26+XKhm;XJ*dmPf zx6!SJq%!ktj>%hL>YEYBxELghX)}}sJF7-a5ug8s_W?=f7(R9F-q_|-*j2D2gK~90 ztGa&u^6K?Xz_AYO>cFlJ>}q>Pzj=1`OI8txYGH>m0)taJL}?zvpnhLrP=_eZupOc_ z`v!Z6(mar-LzE`8-xzH=lo1%7&!LRKr^RIs0_$-5opOYOz#6uLz}h$1gTQ(qPX~b& z+HZ_D9m)tC$_R9{Lm7dC%P)0mpBzU#xcq)kF26$=0SFikQb+dAF#?a~6)WhR6{z~9 z1+L!oA^ca^*C5hAwt*zMHqmJf(*c>hNPNBYSw!%w&j>QC>d4$WUK(l~N!0Xu2y+IQn=YxApT z1=URHXRU6we)^a0!S>U|G*(GrqH$tqBd5M36@!T2frnc`uG&_1ShH#&tCGyAx!Mq= zzhoasNp-g3VmZVfE%G+uiX7Wf9M4F-Ub8Br0IZ#pLf*Td;Il)V$P&)bO8ck(CNE}R z{Cj*fOw?t3!KO(oH6>R`Pu()M9(d&2;YadH4n6W}_>mP=t5U{U*OdH)s@28dQ*e$; zI`qjm=CO;x$Dp@_NkVrCGll*VmLB>`Sbu*yhx$u=&Y%5(=iVhfmnc4!GOvqzK=y9u z9N`6|^1DC+@fje5%@t_!DUA?I7H<%YaA+uX|oSp>0vV^b^v&n9KaAYAR4Ona`~jGCNXH} zuKB&goISj7{z$jGawl`3%i!EP#l>ER2{85ve9G`GC$+?PDFLZsYvp09-db2tXP5|N z9y~EdwHnl2@luy`L!>A+&g4VRu3w&?lY(i@DmAg$q-sLwur1)86$PP+)FNk<%49V} z-NU59ztZW?XVd@v)8FhrKA-;APk;L?2K7qDSPD|0Je<)A7J0;Vfajs&nP&(UQ*{AK zktg{U>3N833ZS!asO%v!8W8dfk(=|pv4OGSGlL5a}E<1J%9lbx@Jpz$!w`1y{U+o3+ z>FDkS$hD=}%ED>DQmqS#$C}1n@v{bLameD-k|(HMM5h%)NkJP8#fdxGVDw(JLNARn5qc0y6ab zY*%JM2rbqtiiT!bA4@wFrcXO@;T2k`uIvcTib6&+hb;yGSyIjXIP6!rBD^eX4b<|e 
zvx6u{-;%b2HF2hVv*}VW!i26ike)5`YqNr_ryqn2G^(l&P&@G9g8bx)7hJ@g9|eO9=!D>MMjx4GCk0^_BFN*?J4E_h`SKqY*9?&l#b?(R!GHc^Ee7?;fBp92o14qmf8(bg|0?S87JvG9@>lly zZ;73pp8mN{Tx~5k7kVnIDbCu(l2U4U&KS<(###c|rh}a$W0yiS%tnQOJ99 z!A80c+ji`d3c6%d|FNmRXzE$F0zPmF9LGDHwO{kBT{*d9>$F*fp`Fv#OD#h|#?Vbj zF!sH3MPzA|B3se1A=7<9Q(QYM2*}I!PJnfZYK!Mn@QmwX)6~+KplkY`_nJ+$Gy(-L z*9BO=;A~HwXajQdr*%&vf2^2hqT36!0}DiQSFJnHX4HxnfQm)Az%a;#th}1iF;=d~ z@rysKj?FgsuV3?@LDvvcqrVSqFl|Ai-{un7S>D@wP^ypWWBGCQG5>h~adY~foRqvM zxMG97Xl4U`+>h^Z45uPS%csx9x6#lp`YE}aF zUv(F%e_&7}w5j9MTAdmB8nB`I067h9trf%iXYUQs%5;IVeLqg)uM76pRnfc#i*J`@ zd`E+T=bM6T<~>XDn|-~i3#QCz1z5+<2&?l2sYOWDMS;;I%4j6MyeFY*J71?)+%RWD z^rKV6^(mlauRWxUi0C8jjSf@!i;>{_Z)@s?XlO>ciSd*H6zP z!@*(uzZmA*t5^A2s^}Y-5K3;@2CoYh#4Ip%oj?qWw$er{$jQ7McORyx!UJ)It>w6F zFjH_{Ae+aG8SkxK3Jhq8>%IL!LnPJE>Q*gz_`pm-t06s)ju(>s2<)juw)`9`>M;iuwD-WmoD z0XZf91$dzKUgmX$=$lGcRI}wk_D#vEB{QN#wu;T_m&9lvHrn))nyFv*r!ndPLx}lb z$Edu6E4Isv@Y6`oOS(2E|Nj{B42S6dk~QU(nvpYWaqjtU_=XLA4?8#g8rAF{HNT^U zEjUR9VW@5ObSf7++;T$hS5h$>hi=V;N4IQqG-=(CezWn>xj1ShwbrHddC+tI3)aH+;aX-&@j@aFOK6~+p+2^4&=l=$-u97b+K zHt^k!K7E2E%&9$1l3@km#$@5;)cJ;71q<7?!58$F5mi?V3>1=~-iw;985bG@%tf$v z?2W8RF5#(r+Ia;~ShkZph^7b8w0}7cqA9e4XxiHjqA59urenu<5KRxF>7$CKL*Xya zrc-!q_SrL%$+Dy(pF#m5S}p4yQ6tVvK_*R*ef*c+)4 zs|}(wD;THZI8j(au=v9fdC0^-$jM)^f<|P#&a=?Cb=>@*x|U6u!+ztFq3-->NzTka z&@&l{iy55Iz61n|SDXvYs=KZXUZ1G;#pk;hukEjPorIzGiebe>RmI3Q3Rp%b(;XJjpft6|o$pHNGyGl%b!TOLT+9%3q( z*uACA`d^A}|52Ad-sMr6Sd$6*%#FTo?k9vp+GyUWkptp4$!nUeT>iNkB}DAn*RKuL zS=7Zf(->+A0vDkW`!9>SGr9}W=ilS{O#f*AZ+`oy_b4^E`5V!oHRNYZXJIOZPKK7aA!+iU7bvF|D~+D$8s0t=Mjt!E-6|twD^HY!>R9O4dD?dhIygGmM0x z1yS|dMYt500$?L?(J}zCZ_!t)vx!*29EG*aXXILz%pOG89))pbFxhYGIV*tb^!11Z zv_L$*Hys-#U)oq6*D096%%5$XFf$+SW1Bw;@*GdNya(`-Z_Zz#m2i&V`T81`jl7uI zO5A$Mb28`V=JoWcm?kHJ-2?K84-a=I-VW1!!w=Mc=(MNPFYxj>`)PGQold7_Ug-R0x-T*+TyYo;SRiHY5Eq&iHj-oWVbx!gkcy3+-z+F|6$I&K zRG6=TQ{RF~LJY7}vq%^$H&Uj^<-O{Op&rip917mEx8o%ouuEC+tVhynixC~Kd3=F6 zThTi%fyKhX?U%Fqmf8h8+cRUOHUvUoAJ$U!%G)-M`O;juARZm|8654@%Y9ics~X 
z<=+#lZIpD~tH6pJ4M91toK?^3$BZ0(C$6N_7hHi-egw}SofY?VqmKII+Vcg5rZv$d z?u{n&JaXoHdhNRj;hB$x`}IoMRV~hvDZZgBhVU72uND@-L{}SxFtLZQ;aTfSW=!>3 ztKTW6Oh2G;_!Lx2jb`M6ZU`-ubaUroo4?M?YDb7G7i2E=YKJYGZQNy)fg!Q4Pq(KX zV}Z1FMb;I|Sk6S|0BEQlP7&CL1cn>`M6?c$##;$@AmMPFiyVtlG#-NHD1h13oEZ=> zg%s0D_8#_Hu?nrv5Y)EAfGjv0GG1O9m78jJlKQxqBus!K4Fh@uZ<-y}yYpA%b8=$F zbqYshK{@1JLM`S9b8KeG7p~)(XRAb3WI+qXCWeRsjcUN11J-v;xyUQ)m3 zZD`JYf6qg=A!Z@$$F71C_)f7Nm(MP+(xcI)Fn7`%$M)UFGgmTAA&i-~!Uy}h9I=Ca zdlg}0i96Ww)xMLRK+m3tkv$PTQ|t{F^#?5GpW?U%h4wYPgzy0$v{f4dbSa~sHyTVt zDriNRwhyCYf^hFCCK572Nkv88TZnjjWKhP{X#Bzc9GK|CnCP$t9u)gTW9u6*0&wNG z4y^*{THn%_W6r^#g~EMu^wJ9P-r)a3?mUj7xw4v(ab{bsY?8oPP|wM) zX0%vIrK9VyvnJcG5$+{x>dSr(gM)%C4W5-K4hfkvqE@mlaWpz6P>|4aPHIo{28?C8cO>8vI9dqW)TNL+?RfweH&WRmvq*IrPZ$|@$ z495T$c=@>^M{nFh_bT&`O^J^1+kQXM$bZX4ZXGO%6LboKl|!0{B)mbiVqcOU1@RLk z)8^1n15-0FxsH95=YhfKZ1Q!jj5hdM`aq zjC{?()GZ3SoRMoJuOWpnv{BaR;0qrfQdbeU6cmuEl9lqCrnpn4F9aAxMZAYI6o zu3gIfScSGBuwAU^9c$w5ylfn9aimWqttSw&17fm8vNFdKdZwi0AI!+YBa@{ps@Xyz z#kBjy(-|S>jS>b>B56Z5SFWmI&H`R}%k;ghZgDw6!@p7Ns(SEl#p}p;f7}RS0e(6A zirIX}!8`qQk*W48eA_suZGTqp`s7xeF<{met-EHOI=~nQLj&cNem9 zld-)Ig476JSa6zb#j;x>??t1B9x{0knY_KrameI_cF5%IZHG)=a>(QzJHA6E?;(@- z(K314qE@1Wb<`H2I&VolPMnqi{ zlWp0w1?&pJ;sSFhJ9p(~D{ZU=T@!}7#=dggbs%iU7*yF&fGJ5(C${BB)>0@w=LOfk z5H6@(8vL+#Jny<_@GiY4%b)pr&GPRR44J~`2C$1UmKWkv3=ysXze+c-W!)|@M&Qn5^yB@=n4)@k(;JQEFF zyoOv%Tc`6q;X-LfyZqJ%Y5pM1AEf!P9i;i*c97=DL7E>szJoM>kmesxnqScY(f#=P zFK1f?&$eTvP?*QkTtQ9KP8fylB4<{7dp{%ByyOK10hJO>mnhSMG5IfNL1BlEUh&fk zi#XTP|Yis_ri7RGu$f%zv(&?R8ttL z(IzMdH~_O%R6yY}u01m=siC{#B^>=^)lj&Z$WmD9!G8FLD`sNE&; zwW&I~hN`LFFY3oSBR7)#qh{5HEDJe@k(v{Dv!X&OqIk|STJ`9*_962+H@j7VZlxJi zqhvU0xNsR0x}rr8lznaH)x8KtbCbfy9lN5f_6)!O=_i`!h64Ze(|f1ZmrT$f2*dGC5?FkJR21(0)PHuXZ*LSNVOOR85XfCC{>QTQ6E zl^KoGgl)%gq4H=5H%5ck;OMVd!Ki|yT&`@ml_L2nUr^8f#bF+Fui&t@TC$wiWnuup zF+LqCd-tHKZq^Ky8@wj?SVXvX!TmJ5#p9Rr3KZQ9N=88y>!TxAgqTqgQ$L)u*ycDK zAA4vWJDwn+MYIZ=MmjyQU7Q-Kc)>~-;m9gaTYEOJWh6~SQT%5Hm96@>E?V3ywY*tk 
zfwS#{;)mB}?F}{^WJb9I6WIW#WZ8@XqodlJ>|tjh@r?h>umT|lW2u@$%*?alCmyLZ_uVNEoYXdV6>&>Oc-vCHD+K!}iZT864iP-bxS zw(u)p4;E>WObtTQ)|C^y2=82Djw%L5%CQO&#Zo_emj#6e7V{74ZN_4S=G21>f&q zP6(f|nfnPIjr0oEf`Vz7^^$?o1c%5c-@x$0fU>k+-~Z7}8BhwRf3$Ka0w3BK^!Ho8 zMHUw66vp5+v-hqZGcKQcZ!JL(8wn{x!>}==3AHuE!Oa<~Sb{QTGy(xmF&E5lG)?F@ z(x#?QWWL}G>r0GE+<#ikAf&@3QVz)E#Mk7H-lui3;O>lMXp`gIPS!bPCM zUNK)7JT4x)SsMcAe?Z^xjJ!4Kby3(d>sCPTPZuP3m%N7Poy#TN*eNdR0t3Un?F3TJ zm9FY6!YBy1gXWdIWrAcyt#nZAy|K?$jOJ6swS$Okixe3XcpPmiX$~jmThAQa>X?W$zCy;3N;9FqZ+Lrrh{&**(7bBwVO+W8tpy(8 z_CgQzhzZL~H=v`I4;j+tZ4WojV3@Ww7QMA|igx3a#GL`1BtGr5Lk=I#3^los`S7FL z;&1S3<8nbbT?P6hJ}}rTAtm$?U~pPmxT1Ia%b07wlunZT7aY(OJ~w?HL*~bp;M&BN z=-><=j=4EqGZY9#!LfVOyxC+Xh7zr{v?fdqZRcN-&srji6;lOWtCbNvfCi8gWq&cV zn=rfmPuQXMp3kHmy8m<5!{6 z2+Z~v;52DG4NiFw>^`AKCtV@#tLRLMY=1GKQykNb{IIe{kTbEtMSK+;lt8mf=#yJ5 z(y-s)xcRX}(@ zTm?4kw3D^j}1R;>5PDYm5xWiY`0rG#_aMO5lpP{5dl3M=XPO#N&OOw zz3fG7T;A{tZH(Z=UfVb4Tka~~&shU9QZe%#9Q}}F;o8?gOg2^$(<@%((=`PMg3X$# zNjUPvE}aQBZ3v^d4*|fWJ$4ut%$b(0_rZsA!j2_R&h6_{%x(z2qG`K87F!8(pWN(* z!k?NpgPF_NwSvfx^P&@ zzNUa)!9XXNIHz zz)rmM5Sj!6x2zLf_z-BFUuB<_uj(vg%$wRAb!ijq#N%fJ@t7h?x^Ru6Xv|i2OC`vF z`9{#;Q%Tyw<1W^}jj+U|{#s-h<;Rnbgq`P(zz((p3(LLo?AzLyQ;5mvj93rkPbWJ~By?$r=$v&8|OotPVY&x*qQ|6$Zt&AR4|VUY^LkE|gt zAx0eANnXkI+M43a)9rafcu94KrGi|BN8*No?+zhWEj|gd#_eII3BZ9?72kS{Xh>hu z?yYuz1p}PfQ+Ek_6H;2M`W4gkl)O`0I4|DQ+M{hJbRFvB){9{k?io2bE7q&vyMgAJ z(lZQEF1FUAHRhLg0{dw3!*^p?&)SG5KM}TrL%%xxvzdx(I{F|*sMMX?pGU^XK%fogdRO&1bKvV zfHZjfSXtk;`FobJwN5mwlkoV=$TdS1qdi@c%M7YD55-`F&CubTY03-L@VuLDE}Ph8 zoUe^Ff)iZMfVcfFtv>D&j`kt?7sCMOFn-fNkm!u*av+{B$Q1+d0^IJ`AJ$YDUH)sz zi@G;NJZ$b*G)@o5+E*=~`Y6AeC(^B)Z>&jCF&pX!mAls!yW_I6QtfuL(XO>kqCu4F zIU_5+T)FNtx~3V|7#dP_XWMT#SCCgzU8_cX1la?e@Q>)E^*jF9QX-5r>B;SQKv3Nf z=R4p)A@@mAl}Nit06-bI4)7C`<^T)?EQM`uBZvZ|Oc%RjQ=tvv#BEFL63f_k1&h8y zli8IW_gUdGlTt}~D}Hn*#>nRhMnZVPmh7S@J2iR2m2dc$B2rjT#l&8T12#1K+3Gb( zgCwI5GPZPq5!iUE~SHzX3RQT!Wb(|bbM)7lOiR?NYPqM9iOf(9%mV3ugMDX$4vQ6UA9Wk5T zPvKxox=wf>(=*ZrH6}HG=iPYDPrIdN0Cm4L>X?0k85`}kSN_I!Ym1X_FeL|nIk%Q9 
zmsy0FP^oIy0^A(6Zj3<633{WYofbyZGlZp@`fjI9>d>=cnTL$Ok@G4w%a~R-2jf=c1y>#8>K33W8e+o+-~r+dj;=r?4Bne@+DK?R_8_A!bX9z5M>Ahb)Xh{b1@jRlFN=)UkEmt!_%8Iggy-fKt{}kV|M^kL6sDzaDd!*wv=#MNU;PLm;;UI>Di-eY#pT@ zg?L!~rE6}nUsJ*G&Mwa#TCAfjz!ULzEGH^kv63R4j#31#BqGEBpa}Xzmups;E?pE! zCdD1AGz3g61^+qfn8y)#cndHhXs~fZrZKQ+%xo>`#$nCWBB^huE_HB@CD$&@ER$tf z3$8cMAg!6tYomHT%h??(o+-YZ(kfeV%`#nA>=|A2DNIm+(mN~jln9IjN)Qj%Z11a! z(WEV~_GXh@@WIvV>znANTJJ96YhvVFV-9FG)+{|23k-XW*7I}-LrmmQW6`o9Ze&DN z&%xc~{3}Gu8F?A2_)ZYq!$Qi;jFS73maKS5RX5PVV{R)%^-j&UJZxi!u~Ax^``Y4E zUAQulUTF1&BP&+0JH+aVEF2ZSFBfIe&$7~tZvi+v9#n~Mrw3>5WQGj*C zeFY9Uq}F1pnnvS41Z0?A9a<^#c_~(CD`n0Xn_;QTXVHv>L=28ZT%JzUXo>`F{TDo4 z7pR3>GJDH5DzI#O*<%=4!2yZLYDo>-f?hJJ*-}>K#}k#wwcSgQG*11N4D@_KH#R8A zi6|;SGY4+nz;!751t>W+-1W$_fP42S$6z>GtG!Q6fR^DGg8!ptO1;A*Rw`R#+om(Y2w<6(0_*24%Y?`ObW% z!@A-nt$48kp-SY|g^V*B3`68OE7wwk@&re=RX!`MO7+r-;6pdTG4rvfi$nGH1!tA| z7ueC1gEnyC6Ha3sj%%yNgwb+BN!vj?Wh+|IOtXqB&9i|JKd;)@(}C&|0O6WVUdie) zjUmmi@HZIt8$q^BlN3^MvYrAX>r=$XN^%K|G#Ct-!Bg?Do&pQ&SHQs5C%}7p3aqE`I8QAUr-9y+ zF`jl2oQ7nM0eq(}^roSuh+#YRA~y}*geb044{B4&?$umwaOUC>`nXP?z>bTsr7k2R-Yc zXQhrc5y$9hFpNgv7mbD>Psc7wk8n=HEovhYCGl+bAmuc#A=D51|DtfD7H z*ZZfoDEe>7s<#%4Q^11o|%R!)W!@-lG=V{M4@ykC>2TQNl=7F zAqbIqN?J)WdQb}&D52vt>TQ71bo1ojovih8=9<@paNA)$zDGV=;C7GNcP+5j>sL1nK>> zi~)q40Qn|KARR)-*+IQY>h)pBIAfKV5r{bHXgK4Rk$~f4EE3LW_=K?tIH~A2Ekv8- z3HKu3?4sEu_xU)eH=`GJ9NJAX(#=RXC^Cd{6Tmy9AIpA(o9%BU_t}GP(~Ve@+-n!I zO($ASa*q!}wHb+Mvj>{ZIAoV`rhqgAn^EXBPh>V2g;=w%;xcM?#-h|%{F#JdBqG%8 zV$Y;ZaS)wm8+RtnITu5w>BO8#=(Zb`=0W1rV@uQfho_Fiml=&M(?X6(^Y8r1xH5^C zFBMN_4=kBs<~9mP#-YRv^!XqRnNf>2@|dOJ#w0k!AB-9EXeo=}LrhLu#406QuHLM! 
zAn3qcjH*Npf6zB67le}LVz~2WkIxmO`P9(3-(UJ7&2&u*+b!lNrn}CYW5gh>FS#nQZV-gFq6WRhU}`e z$Z9mr;HY-jHVCVMbsZiig!e!t!p`#vBDsCW=HLv5Ct*HH*N#KT_PUZwqlLi2+q51$ zSp)q#ZtCWUIuR|1timWIy$X;62A353nxzD=`0$j0PNSh+E_fwH5*k!X-0%+!;Wx+- zg1g$1JS~+?jWM)(U@dZ16&tWK!oho-111HYoiSoy^OECmPMCh_{$fVmh+>KN9;N8> zML5@8VVkR@I<^&4{AULC3M3iL*tY8bA78m2=meZ% z8*NPJT-F*?AW&7;cS8ucV>~PcRr<1$b9TeiV#QihZN2St2h6|k0gPgvT1*(SEbI!U zSlUp9`;z2Tv#I&uV;c$0%x)?}=*^J!UYvFptrbeG$>7(;NQ1UBBV!oR$Os*_CMVbj z!F~QotY68LqRa7%X5VuwwW>=hrWK<(1m@YlCaoJ6IlzU9<Ir>wLhM=gSUWbp|ZwYG+aJ0x}7&p{lIc=RnFvQO>VEj&E-9L3qs z&1Ri=eatz$1Ap(Gvy#TUo+b7@VhK{6V$-xN0~A=3j6KPoh9P6mdPUV3<1IYjXS>8d z_U*)@Sez?&6$cOW7WHagLvT>#I1}bK@Sj=n@5De?K&T!skvrn)>-rLwxjs$R9Ob z?jEJKq4|a`;apd;WO~KwARUG9(ntiDS<^~) zr-p0)?z^iu9husZ&C@F?WXC;iCm!9vQ(I7%Huc{9660Aa$OfZk;GHWA{*Yjk0HdIS zynSN7!o(e~q$rutO(KzESr0ZR7HVV_hbYeiVoOW9A=!$GB_oP21z+%t3SDf#QffrF z-0o3#mqKcuF$X44v4R1*c97H*e$hj*cYU#=cQ*zHs?x?(+5YNoI#OIaYfL+5)v|{G zw<88yFSuP*OoQaxbVq2lgml(Evg4BRo5SL=!OYqAZ-X&#O_hREJ>`+`(XQSsyb`Q8 zHJ6Di1p!uI^w>b}T--$}tjP-50YVg_!Vi+Ha38a`9njS?%P=8&3#ZW2uek^X&ont< zv*j#&!H(Gw^TMbi8^?>npoyMdxmK)L02UK)D*zw@Un~`FqRod;%+939c)??6wqVg% zP+qtwPK5e!hK@ommwjSx)S%HmT5ebk^+G(2_K_o z3zliKV(*J)xbORVRxrlytA;Bwm$G2Ai?o>~!4e%eg?b5+Ny_$qb9MRBzV_xCU-NQ} zjZ?pQb8ToCEtzK35DSF0u%b;vuw8H#JG(re0qn+?}y`I33eNy^EYaTZ?EkjG2A7xo^`g2Gf2z&1(AaHx6y=SMBT zC)X%sja=<(ixG0aVwS$}e(t>NO$?kF?7CtZ%K?D^An3dozfUsNbZP6sQ_dEV!7`>4?Zsu*k}#p_ifx<1zH=}rw?f`qyb0I4T-aUhUt5ec_wMH&KkmTM zEJmHW<0n6MP+Dj=LO=uDas551qc>x?}HKF&Ksi^z@n7oe$BBg=q92 z_d+he##EW%U3lZ3g{9lt1&m&8P6dP!b{`EU>azQDQ*zV|Z$32xU6kE4drJPUdIHIY zPN7`BVRtO$2)?n8{u*=7*}U$i?^BRtdj51ztL{~qVl>@8D^~JIu2^fqF7U|*t`{NS ztud<*L&X54RY9FMNHXJsTz&oWi!Z+TFPrjZq!ai{ZsUM^x<$yqJFv04>;v=O1Pc~Y zMW)Yl)7gvFAO5X$$bbW#)`Hsr(o#)`nvilrRuhs>$o+)$h`<92j=bApCZ$FUeYg8o z7%*f@aXNGY-ZvlIw;4Grpp3R#ua4fEkRQxzmsQ^DYFSqtqG-C;V_3I|>NWf7H1YJa zG5Sn`Odi)`K2;s&k@c5^bsE-N_S9M8yFH|@4C^X!J*8hq8Pre4>LwlJqu)F;L_#2x zuU&R{P4&v2&b~ct)0%dU#)22Fygh`}(L#zP)TS^8w2vd~j%?C9+-(VNFCq*<@rIkp 
zIz>>r3LbZfz7EkJc+(a?yyrz9lE^*fC~gJvyP;p2R(eKWFUj-IyNi1Ua1@_^bSM(1 zn+8$h^gj4^9{hV1{JRYPt-{}{(?6ef15XStWfT&svm}l3*mz+v#WvJp+^W`IaDZeG zQrp;9mQRe5>B7K8loaVQt%g!!g`~)L zTD6n*tBf>=aWS$I(tcHrQoWNYp1U#CjQp4fT|>iFjCQIM4fZ)uy{Mxq(O{R!Rg02S zf`|QFgY|uqOp7Tg)%#Q-8W`R9szXE7hQ=Z^4WcupBQqtVGJTSWOnaj-jjkFLR7;7T z{ZFAnX)cn7k1-sYNGY&!FPFbmOd$bLL zf{|ix=n^xw5lW%Yr?7zUcK|F5!zuI)l`omnF`R`#R0T3D0CnP4>~62cuGrFA2e!Fq zVy}V=I2yyE-zhbI;T?`ePoGb@>J`nnSSA~DZ^GwWd7t$Ye}qD8k&M|$nJ zo~*P4ke)@08*tm7oV0&5qwW&{9>ZvB`ANdUIDXTXTX#YtY)JZkgRyl!YSE{`v_}*? zz71qV9UN_deG@+4cjquXLe_d+YjUlrHn;qmX}lH|+pzUv&j9<3(-w_|uGdWD7|(M`6TpWRF7nfK_t*WfUtoNyWuUR&q_3a8Q%y zy8R-_nPyc9X8)DE$G?MfJvz~~?ZF|)y1+W{^Eb<9>ptOWy&ow0L@QZ~+>$wul7F!^ z;I{!nepC>{<_*|$rm49j&u7m+fAI2;!WsfY`j*|;i6!oCJa|MEqxpBDh=wA!14rEb>8z!Nz$3%c912ZU_54A1+d{d*p>3|V zKeEU1(`4W7xaQ$hkB-O*K6$K2C8a)n@b=nizy7d}mi25+9UvYJzgQ2gL3GYr>l0an zuh@#-F{8SI{h-%CVEdKi8fOLOg#hml00hBm5O{_D$I16+S3kWyyLcT#o5CU!%+0)3 zK0P3qK?_=Nz)a%D+Oer_{AO2x*17pWXi}|fS`4fK`;Zm2;&%_d|HBAco-6h~@l+UF zF+fjQxB?&p*pugr&{PPbw9JoH*u(A;_KGn(TJBor=xn?3{edE{HO*EiaoH~!=|=Qu zACv?39<_wt3b?xB>w=L#`dW??jI;hza5~}nzU}q(6#wY{^{1}mG9(+}SCgc=*ESFw zq0iksV0t!2TuU7DjJz(_k%~WvzKwj37DcNQWm$c&vDP^Rueb8rY)xIT3AqG1 z(fkH3<6HUq1IudNd$$JfRm4)#TCQ)K645xnR*C55h`Qp>{hG0~>)Eqzw``+)NnTr+ z8c_ZE&GG*5xco(|%KJZE1cDERcR=Z~`D$;cu8yb3VQ?_4eHVGCT6H^GDzQ5CP+dan zD(I?19Tb&*{g0X!ZPt#z>h0IQ+$zdyUc2W-p3w^3C>EblNgEbos84T?85N%NG$%pX zih{J#JgW;@5pz$Mvg$Rg4d<}X#O#E+FNjP?bEinezUNfiv>xzNGMHTs+oWN`S<19;-bE;XfIdu@TSeUf$ zfVff~Tl zIe(N?YzcP^Z_l1LECKYqOMcRFEepBaT(6B*_EHL^E1&>-3ryG_QP3gA`D2fJ3s5~n z3~Zk(c@KUA{AN_zS<74zT1qP!AtJLI^*(Y>LFcTv29HG|mw6Mu;j8f(9hQq`^f1yH zxs-Y2aC%`7i4ly&x=&;U{3f${xR#A6Cd#`+UCvnrC7jGsp-#sulF6!KYAvxuuixif zmX!BqnkPTHIe0mgi zNL2RIzb$hYmJ8Zp?E6b|K|$y>?sbJ&Rn}5Gg-i(ClPH_rGPEDe8Ure6y<vz!swD-fY_DULOM(_K>cXm6j*Liv$c`^Su& z5m6UV92+ZwfIyCB40AK$l#tM+xnH`yfPFV*faxTVz+n>Imvs@nL?5ni*?rROIljP$ zx58F(wyYRLW8%)kNhl+HWX?z}*c~&pC+B9)^BOJ)*udZ4ub6lz6xCcU!1wjvujE^) zokjb7zc|Quk{{Pbi-f4{oG+{cjm(+8XSSp~YHoa~=jC0z~qrqitlBmF8;Fr~1n%LNy& 
z@c9|}+T5BCv|JZ#f+3k-On;Vwk*uhdj>W~hW7L!he2zQ}Rv2g!=t{I??Yq_6qqU|` zMP596@$C7RMm9#PK2;XOWp}lo&&bE#9?eXilaKKK7xw>OkdNdeA(!Nmg#S1HBOl4s zEV7+iY&D-x+C)4vO0T&Jb4HXswCbnilVt|n609-g1T6i&%K z*!)U*i+05`D4}i!d-BEfdA}oBigq`5TpAkgW_t4cbk>@>nc|B{8d-M1=6=>NYAQDH z$$om^NWq!d+|$h}{1U{S8hc`A5x-4}74sgGxDq(mTK0 z5sn{LE!x{fjgSaLjiV&62&2f>qEyX1Cy+(zEVBenv;AFGjA})GJZjU6ACJJ-;6-g4 z9cLvP43F&X(_M=-tIQ^X;2~@^pFOE^YkjuXf&HVVh0)l_65J%!&Wgm{M0jx9Kxk3~ z^kqiQ@Zc-(5t(^JrR2yy_wJda3H>zx9%MoH94TeRY&Vt=T^eoz-cO@x`QsNUrtPn+ z;Kjtn$~Y7L+=lc}NZ<aK#7^3F%w3j0$reLS{NKasw0uwb_sT zL{FKGb;{8fCtr{$`TW$Ja)H+fHZc@U42zCpu$X}wrNHcnf@~k?eoJ_0Rgk3^mm1IU zZvj1+wP^O_TwKb$?SN|`ImE8#oFQri%gKrRM^hR5v=`{%ad@(jIXhcGNc`qf7CcLf zwK;mb^IpKCSMr|RGhB8!dcE_%1aD|Kh-c;pf3|>6c~)noR>yLNL~;e&jF4(T_P!)j z@)s#&^(9KZ=2NO+Wxd0Q8cn#!iaKYxQ_lj%tc-Yi4hsL5`}Xe51w~=UJN(ff`*|W* z**&8T*$wa*j;6hK*bLxCnq`X!)aC@tw(irkKny{95nQeJ;E=~Iu{mMq0s=Foz#|sB zW{ZL@d+*Aig~P1u4Y=ROUV`wg*cE_J^wR+hCyE~T&SM=rJi&3tljDkAP|%{r5XvC z=d3>$-7!#01wlCRK`P{jrU$}kw!+|F{J@|3FOJ#Pqj{a(GVS~u6_iU_L!J17ip*S; z?f8%0!s!G*jy=MtFg24Un4=Zo#5b=1!Mb@1Rv{R$(jsyTUh6P?x30$c>E zBk~EP)HffDX$(jH&Gv|lIC(U|ul{VapMtMOgwfV$&UKgNX5ag~W1mVhrthk4ZO#Qz zP}JVjeuyeV_xS>lMkG_>_}E*o@H%eCwi$7#r5E=0eB#7kqFGTO;qhuYsGnLk`ZtH3 z+m^Zh{pjd0?9BSs94>&vYyAxUSzb4E34kT5%^Y#mu` z>jOQ+e+mCJR(bdT^F@c9B;s?ob86j` zM8kd5r|<&o=wF;Rc75{2vlq{vpO`tnI5o2mEb}j>&reANtFYChof%Ut+x)q3Ij6G9 zZ4|KG#NKYr%na?2wZ*@VvyDXfLtq9NSZqwp>}#cI3{_?6sx*ZYjUdT zoGM06ZmwT_)sc!B4~&$x{%-MIm9y%Gm+S{Fa@pfJ?kL&`_%VjB$pYg%Ydw{VDZq9= zvp>vbEqaNE0&3)ZM)$L7re|24;ri8AW|v{^M%385Z=+C%B~u!ddaHFq_f!$k)2M1z zS<`aeFLYQUXS@B=f8(0ZF6ajUsh@VP=IM-l*URDL0zuC07+qpsH^NTaQZ`u9>QDbo z?q1Bk_^(+{Linc%?i;y!y;vNbI2>}Z1$P|9m5Pihj=J%bh#L<<+vvlCPDa{Tca%Mz z^y#8Tt6VYxNkTa)Md(U06SjET*K3y9jomvL2Fr2UBYt=Gj+;%x=xx z6D^-zZ?D`LU!8a5s6F_Wdy+js!I1D7OL05~aA3%qEfp!kmcEAE&Ezi0^` zQU9iC9S8J$;jr5$Hemss!(91?qFv56?(2pE2Zs=1;O(EDY;e=SLoLyx2^_dHd(0JuYPB2LgVy&yUE7tYAbL6{KMFjya9p5Sk4pzMS@&UP)q< z6G@76BKyGe9lJLiDn?b?ppJ#CGG;xb_(*hh6w}(GSBFN7UzEU;WOzU9{rpw>I=MGM 
zRTcanH6!P*9D!f6N(aKiq&HCrE)lO;*+zI{wxJ~{nfP{*6FXbXb*&bb1M{; zup?=T^yj)_MlMMbbo|rX!j1Voc||ov8ON5XhzC&vLp0*c9FRBQl|V>&fIN`_*9Xs@q7%zg>E@}X;f%S9AfpnZ$Y)8IbJG;8H1T(77hq@=71 z&DW725#o-#Ibe|D;tOxm3;=xydBrfUCI8YT+Yg>VIIf+YT|ily+)`J9RcdlLRj^0FGCY_XjTU*l#Is}VBq!!?&%la$Is=+HDEB}Cy)A*s zz1S-hJy3ob=EaWUMjv>0b^ah;-CwAni&sPa)-GNRf4FAV9naW+!eISyPsgtJKTP>= z^)L}zE@c!)Z(ecy(3hxmpPJqN zCn#@LO?!qL@a*dK*{h4!voimemAs#7Ijt3&avkH02`Ed6xIZb_MC&m~_{ZSc;>sp) z(Bez-PN6v;>|oA?DW#5UFBP@rfv7dV)kT48tt-YRp`|HOGw-RSh{kZzn(BZ|F{rLV zkB`j;$S-p!$8ejN?6AAm%{%SYzHa?~NPC2XsU@Uj0La-wR_1J0?X$#m28-~lR;-%g zr$3d&9b$Aa*ee#TgW9#US8UO>vi8^B^BX5PD1p&huQ1gGEU#7^=v->Vs{8fV_Q^_l ze?n#9usw2dIBcUh%^+Cbc&swh%w0`C^yX=(IvcX6%E@{a%_YPmRj}i6E)^VSnwMOB zGSncYRtJhKd&`ep^ABZImidUdHLW0 z4qta{FoWBsel~$(c!7S++xRQ{Z85m;g09mnN$%+_S-}4qG2$?obuHHbYTCO5h=C9b zuS&VQmWGdW(grWJNmgloGw0e9oVYuXX#~==wF{&mnFTWfrXE1$cn@7H{na#?X@@i5 z@i;&K{PWKdEAK!4<3EV32qihoc)9&xv}5ey-=068k^gme@dm;l*IJRe)GPZ{^FXWP z2qKzk|G(?+-Zr^Z?KeSd^vl@_5snY@-~aH38F|Gk$bID&7{ot_FlQObFo1mA2Rn=JXak)0l#bq*D&ymk<~AM{TJyD+a=ZC#2xFj4aeQm8{nd z2sMVoM*Flmd^m{aEGnjd!8oKr`(*1b!P8q3p#>sn@Riq;S0n=NKx`}rgnnQKNt>}| zEVt>BhRnDi<#i?h4o4vFNOlQ}PFYb_=ysSAfvdnFei$KS2+Q2QV(WzM7Sky>X|hJBU8zr^9E%;HJ)4hO8KfLw%N+wdE-hF7Zcna^t%En) zT5kmlnQ_Q)6S{p=mW=HQ7&Epp?D>2V#o!IrwN2#gg%1TPN9!OdFrmjW9C^$W#T(oI=BlWqOAwaDCV?f0dx^3W9kSGt4d^^2VLic#3Yu5ecm%}kVO4*uG73x1J zbH}5bI+AwUtBI*==3a0~59EHutY18koDBEi1I5Kb)N?`*0;$DB$P`Q8la!vx6i>4x zC{9jZ`h+_dKy)rNs}?k4r=f*`tyipMRRmAi1w*==w-pt+Me)p71%!ls(5y0h@$&kd z5oQ^&I!dIv!i!Bcd`wZ zzVRrXYpSd@5nSa;$&5#V7)%Sc4OJ|Vj#^bby&Ez$HBdqc#HjN|nefc`Iq z>i}x#yYDo}0P)dQ%wB-lu{$_he)G8Bl5L#fsGOGbm4d}7ivnF0) zxN2*{(M?E@fN}0C*5>kF+|w#QyX?&$Yl~#f^Py1ceof5p=^T*DF^3`I@Y?l`{hD5| zE(4pEhLr7ivZ6<#)5{ez-w`#y#rANjp`|R^>%pmZaH{<_oNDLjR0~Vtx9E)noQhlN z#`-N@HIxp;+wHWkKoTF4WTd^c%`OJAy+g5%m$V_HJRs25fCAGo=i?@Y1o4*9IT&~# z*K)wDhYf@sC^m$JPA0wxt#H{;AX%3(cb2UK2C z_~+MV-FmRJx*Au+2y>btmc9!9@J(wRuyCz$WuIWWX$EQn;?*K~7ZVi`Z2PGr*!FQF4#*#&jFEJ`8~5SFTVmVp 
z!W36Pb)wYiimJjImN0#Hz*=6*^B#H{MZhNgUts5g0-69Zu2LdkRI3DC7~3?1Vi? zVzNx+dQha`B?s^T1Yl=MD{_LroMr1eg=W~NOIFHiGx6P+*IWJCC;F>5Hw|hz)m6oW zE;dgnbNQ7UN@j0bds7;B8JJIl8WA3BEh#L71g=bYmx()aM=LcvV=`XM%K05vGU>P& zj=1?Q;jj{{Q89wZwckk|{MHs+dkbfPt%{U+sOo3CS&+@PEJq% z++C7jyR{@fF7#AZQ(XEl0jn;d6SqM7+?R$)c_QYe^d~s#V?^vh@YePSo?OCCjbHiY zqEiMt0+-nO)kCrvOP2Gx908;O z&xb2=4AW$SBW@-9xna6U6)i!} zv~V&DC`?x*z~zy)6a$CnwY#g%5onH(`65bxU=}S@+~7^u>w;$heGi%{Y_mT$H-PE; zftPhjYGn?&6!w{DulC0H0p2^*egH?on&w;j`;bgSb zZJ*NJqqgR!zm;Hhp^>1edRc>`V`?cz^BKbzp;hbFzs8d{8 zw-1biP;%)pm(kJmvY@;qCyFuh+8t^9%XM5%Ml)p94ib~TLX@1eDIb<9SUB z<_)cJgXG(hsr|Q10f*7nz=vjdC^t(t0GMY3AzQH} z0~)nGkzFSMrg`RTks2uytl?&BRjeHH?i`_TYl9H(e~r8lYkC_6pif~>5!~;Z^K-+> zbwPD{5XaFEfw??zyP7*qMLwm4Id+%dzZ?n?@He#;gLTu?8+L__jD$AojuJcotemqv z4@%5{4dq^7opSTT<@YZqgwNQ_{S@ueb>rB8mP-t-_qiT$;9&}Zp*h;8Str-;`#+kA zn>YV7{bNw(;7{)j$EnN%3AI7&8(~1Vug~`WQs&odmd$J#p7*E`6DD*u0IhW?A=--P zcvWD`75lpjo3Q1REfvhDW@0c>*`>h>sj+J;)(mTM0%k&2_E<{^bO&f*w9hj^*axlv z0tMF=wuWMqxff8(C(TK4h&STS(C$E(j3mnw_XDnGGn;ipbH~ma}C=vHv)-wb^Rzjm?^rK<9F3AAuoCv z4;kU0D4C`?)pS%y_67ANvuvmfELac%la{RMH37NiVR>Po7b~|$0HUO48VT-h(*-NHX6P1bl%n(K^y;zeCFgw_W!CtAgQgkZ@xQR+yzGS%X z(B#MX=CBalh0N0&d0RExnwOib3(V?KVAsM2lKc%N^rE-R*pd~!+uy|8NUu|0Vg`mZ zh0jf&r}#n=LJ3_P>0(PsRCUeJsOw~Z&=%y6f7g^`YaC!bM;Fp@4H0nA=59MOF<&12Y%3u_=lA7^5N zi}@-zG-&Wi>UC+RWmFzP=Y?VD!Qu1cZS%dfHI+e6S8QP|HQ}$?{U`O>@ZMJc$b4I! 
z&wK=HQpZ-Z4}c;1WS8*iyEC>p2N#d zFI>V8j@u`Dhh3X9Lk=3KBv|P18>3_Mu(j{-w@|Rddfa>!_KKM=C3gukok4v-DmFGc zPp^2DPuH~48?@0({OFTA4)Y}wUm6_@GE_q-Y_0utFRj39x&~^K5qcsb-my zoatI?mSN2eXL0#NXPF+X0k9oB0&5&TIG8&h4mL5W<6)80q)jUyA~zXQtJ)DzsWTw0 z+UPROe)F;}*dNT-CWQA}Xv0Q{kYZ}H^u6=O%H1w>7;Oqvq)B#GXoJy)-Je~aTOxfT zq(HKV&!!1(Xi4i-Zm=6KeYiyOR1O>9F*)&wi`?)7V2fbLP<58E#H(b@hG7Zhh6UK= zDXGp@Oc5oMjyoY-C{2r^Dbj5ZfCP!t`jSFHG>wD@Y4_Fwx-O_SQ7vkbVT>c!n=#RO zJBk8WH56Lu_yRo%jddZ7q`HFymbndb(UmJX3yQLZ5&T-Fg)+`*c6(2&TmiBH)f`K; zO;BnJ1uSuVoOVTC02NAd0jr3Ze)IOLnvDo$QuY6VLtjLI$S`wvgK2WX}5O z_Us`Hq`G4YqJUhsPpmFO*p^JNifV9tTIf!`AarM_t*fy2LWIWvoy=}aM^frw+ieeE zPBbULUEaj)0z{}&^3K+N_x!~tWcSzy(u5$iA)tK#JvY`wFe4{t#d;NdIgzn=+T?Rq z+p7|eJE_N)l~n4j>$cAf;--*lU~tnsXyOM=ylZ*~O}wl99yIZQhV4C7FP*iGi@~J# zzQE+I)HYB7Bx_2>*+9vTmPUbg-qX!YFl~XToKN7&efOJ+4xo>R&8lU=#dB1_L1pbR zYAunaHt`zp{;{$V0_N|KYCMXF`IViKYvzjOgp+OufhG5CD0a>?<%Mc^=}kBPPVRIB zFC4S10YCiRTeo}$+<41WlUN!AKZlX{{()qNRhQfKd_k^QChu5<2jKOGH5H0W@ipZ| zsz=BjmBuLqHR{^&2_wCbo}k<9F6{zX&@a=c4GdjZ?2gMiZ5?d>LakB4P}=J1E57t4 zU0tX$gx*wnx;Bg<#Z=d-4YHC!K*J-txc%Ngg~SP?O?-AcUK3PE1+YE=zY2L(auP3b zNWf-g&B>X$F7P9h<}lPMnST=uB;%?{A@LDZkb5HtHRN@KnUYv5kSD@$2V7L$D>VOI z*|DD$Mim@K`~yPVjMYbU@v^M7xpdKBsj!U*cOct4d=>6N0Ix};Naqp+gFwy3x**Y3 zzlqu`+2e3y8zXvR+Z8~8et@mmAM{Z@qLD|iW-Zn-pLHDc@x4N{lgw=-uWlWe)Vc*> zJ2w-(b%FbyGSfTC3&=v_Lh*d;^l5MfN4+{)1}7t>hX0SfcW-Xwwi3njw?74HoGM8h zk&-;NvzeP4mm+CwUC%=+$@cEg@y>wVAc?36bO5w8%zD53uW$hLgX{*-BsGt?u~nNf z)qNU|gY$lv5iJtbXVt@L)Gs>7jE1vJQ(5qs-H~N9`uAGZ`sd7)7dTE~HVJ*PQ|n)b zwDER)bp^Cxg$1-(l?C*%=J_?p4hkBeH8J*usfuELoLCE^%T6^JwegDJ6x>0DBDJzB zR=n&jT{SBA9xX7#Gcqc{j;aJxZwLSS=uH4zIhWyn{C4lhwJR00azl)g7k{{AZuk2Fa@ zzhf;pnmk7v*%2cP_LcfUOuu-S3t~zlZlv6<0%=yTg{_FjsB#-f<11EV77>)&919|5P(n0`>XBHDo;=Eo4e@#t zW6WkorBIi|=F<*oJ|;612tqF)Dfa!St{a@`y5wdiY^06_&NbEfA1z$K1^V9}iYgUy zj82iHY?hHa4Cex>eJ&cTo{?6B{!!3-oDq}zj#=3lluy^>&vRlCq`-!%XsW)w#u3&w7XBjrG_x^t2 zRR}HJ6r=X(rUs`9tguxU)*O~mAh&dCLV2dRgxy{Q!N3nS4|1cWWfc@|cO||WRU{)y zq_{ylclk$fN%JXs9@inU29Ykbgl>z3F|H70NmiuBXA0nr=k#&5bRz_=UUiu3GCE3U 
zVyyL`t#$yU4wTWYNn9m?UaOC!7crv22u{cIK*YC#k4!tuG&FmSCQYU3Ih_cC&gPgg zlGSPq8;f1%oUu|knVWDAj5H<4h}x5A&cR!n%qc6YKeDn?bRa_@=bgkqM%nJ!b#>3S zUA5?0^({5mzUs#MGE~R}I)$yiUp17oWB|6tFkxs73eWnHw!053x?Gf|RLZ7A2(!Ht zVqfsWrBhU}T1Ku3+Ok>U z?e^0=;jCc#c&jEV&(Dy;Vn&pPgIKYc5O3Me-L}u_-Ia2$Y)jc##pXRF5xRB|A!Yzl zn5JALE{M@}!8AS5^vVBdd1Jwp^hUnN^{X`7|I<&e;`@m0Rqu42<^va5`VfjuFhNTD z8qk4nB@qf~uO_E{mFwYwrad+T9&c`f%RSYbfb=dPni8h;&H-%b zJhGTjR#h;p4j^Q^()Y@lCnQm(EEbeC;A)N}T@;zZjPOEcOD{UT&qD|^*NnU~7a@+x zmX9}?EhHw<#2r{LuG{&|s+`jFsN}q5Svc~JB(|JLo)t6NS^Vj}wtBC+Ru>ZLSNo5$ z*5rL#7O`3P^-og_xNYscj#82n7N}Uo8G2sfso9XN_ujUs`tV(d_gu5A2FIwy$jy0{ zN<`i%fxRD3_+p_2*%ICqVdf`YQL4kPgn{%E76xSRhW&f8-lo6Wg~rcu8m3Fx?$x_L z1Tn`_mc=H47~7jAo249Tz4E;vo3m@=t2X=TulCIMLJjrPmn{vq&1(FUwJY@&!XKLJ zf7;FUAG@>p6iU*@b;PmHu2?kek5ilGPZ17~3|n0ljs9ZAJl23R<)Yje*Gb1u ze_c=zd|U6aAW5LUZxr_18U66X<$2$2((gDy5dPiVst8XjbQGcgDC#O06tOQi$HLlf zmBCvyOGsrhJ*V<6uEW&YYt5_m?b!vgzeZ{#a~VKk?$*k{9T~me96($}P>Gp$jGpL8^W?E1wDBaHQ6PE=)Cb`ON7j zUcfy~n5$+=FYH}ogZE=m_R>|GXh_R=9D8Ywg#vXe9y!Zb94V~*z_!KC%c+YqKC}gf z%SKM_A-|GcR!P%bsE&cp%g!U{C?)qtGQ}r{Fol?W)aE*|L{CnhjL{8U&Sl9YLP#r{i`{((yhT{^Ks*btMX$gt0EWURkqbbfJleQ|br zdvX2@eQUo!>%#LG-SWy@>`{2iL#9Y^DxGv2k*)0R8LuRi?Nwdr9pikeem5*BXeeg9 zw9_CiOglK+MSVQp8$%@N-gwUmVi~o}(hJn`rfM?v4nNM({ zR^1s}z7V1BeFs}*i-i>{^D0jM7u(On+{PZWuuZJ&91^}* zn0_nsvZz;F3CEIhY`2CmWepyEn7W!iH`C55yFy>x<0~3!`LoTG^M@{gS_AZ|S5su$ zL`u4fN0y}>m6JNUzBoO9c`;t3+mI;2(wtM~&m3K85$#@axZ{4P^{TQJhWs*9xsQtH zJma(W_QE|j;&am|VT4C|hqqU2)Vz;Iqvmcys+E<}yqZVHKz{Ir?^q~Y-HnicV?xZu zf)03UUh6ZJ6S1HsV!0tL`gNpEN%HYFcv~T|ykgyAW_N@6AQ{vY>B@uL&9ik+H;G^_ z$f)eEGNl=T`qYlscKdEwW$JO3IcLW+Z)eMuP`;Sb93t%s zrz98jo@Qj`GX%~lo7L(>)vHh0ifm0o{!9H|Rd#MCV7MQzUf)7%TJRTdt?1~9cu)eN z(P#uFrTxEanK{i4&`-pEpF^)*K@)`@=DchK3Tq3WC|p(3(agSmq#V$X$MsE@ld=*^R84%yE8NsQEdSP-ZY*Kv{dUmV;q>;aYD5qI#pf zh+4ro`|k7#;X?18qQOdRap5X%rZ*-ttM>}+dt0o}L3oVS?KXVA;l~PC-m%)ikL8DH zXV%+~<@aB`hfw@2ISt(Ce-+;qWmHkDxaj3KXuMULPztH|!rU-0W71%@?JF?mT~5~l zRyE8)2ZBAnWLhf;l_qY+KOZ7S9_*Z`dmsJTniZj+MfR6x(G9w*W_+%vskId)oH3Gw 
z+QP;i$v@)B9{mSfv6Pyn{zri`vwg32VdiUYfBftkuepg<$MCAOmlQG(?S+|LnG%>u zeQr&E$)0s`?xB5^Y&U0Y0g4M+pGtXOd952co7~hn3>;wd?j<;yp=gae{&;JVk zhF(w!p*f+B>+mp@w(%)QZdY3Ar1=}1rsA35!BZPR!Y&cD?+c~e7y@8UHtTs>69rZs_I*dz&^zq)zz;`FZNgui&wiJE>Q@7@k>$ae*dg``So!GQ<2Oi1ZSu2a#P*U}#K>IT> zeoWh(XTj(Lxuf*T&2EG|NBtd9VZmbS;JT0>pm!EZDsHs*>!A6=JU3OiE$LJ^;PrF8`tNgqJN%iWi!}}eYm}Yql=@#i(0>^ zZv5U|TaxN0^NZ;uvX%8%L+BSBTE4QHeB7~JA%$dpD-o8C>)P9oIsC(cYxS?05#lt4`Ua_LHf zPP&#Sa^{>$O_$OZcl5WER=-P={&PkSV?>4)8(U!GeD(`BMbi)1JQ%g{QeJvv8E zFV8o=m|Um_F8UPdXuh%%L1X{6nnc>IjeJ~p?*{JPN=Lb_JLs2)OQp5v74-W-O26C6 z75uoa-sW5~P?e!%o8HxIRFz?C{llPq51Qj%u!anMa23VDV6>{;rN^csZZ;cJ62bM~ zxpCvB0@$bdFN~z#gzjJ?)UA(i{vThRR|# z6CJ8|Y!`m5Y^MZGs4|_!Oq`vn>)L)-39Fovnv7_YVZTzdi!sC#g)`T@(e&>3!aY7d zHnzv(KmPHL2>O7e2T}(t57Ga-dHt$t z25A541#Ii*Y8)xIbBxYw;dgagA6D~VUkJt(!qch2K-clmQU+IWgwE!!#kR(=j0Wo8 zf;q+5gIZ%8n|3vMI_X6tyOrBroomS7p(S;KKlu^ z4zT_2ZPAkmyAq5E4-R02>7(P2V)*oU!!ch!(Y6}g!%gn{YR5-Aad^I2eV zM_d6koW-8fmEOFv7Nlvka&KZyyG)B<)^sJyLmWKSR_*OkZ2pM!iTwuJ_f^ z)ZlBmp(T^D=}4O$iQ>@ar6QhV^wKiCp2&l>3@mw8s4`7;W6o&?EX*~VG1Uef$cmfx zUbbb4@l4ph+Mhx6?Znil50lrYygGXKU+UL=DZX=kzd*mp)xGC%Kr{LV1xA962^}<} zCq6oXc!P6tue#DyWhziZl8;;<7f91+P=1`aZJXitSa!%P+7l z3AHyn>OZQHiFV%xT@PI7DS zbMCEM=Vgrg>aY3q*Lazu=3?eTj@HC`ee5e*^_)Wuf3?C@J1{vpls3a|@t3-jjb=@n zgGL_@Zb9VT57CD(IGny;5Jj~yPmKG0pR#E-bx$uy>w+MEECn24Ad{y&*3fCCZ`~G%ydk-sK%N{UW#0b!slx&mvcj-tfg;0$sd5FY+)RWlfM@ATXv{l>sT9UfPEanNcW zULMXBW5Zd+`iV&JM2~NgQGQ=YX8KDj)a^J)5{D620{P_`bkHqWs^VKQs^%g zM8VH7T64nSrKk#jmW-HZKL^gLv+ni2gWcF82)`ND+) zN=~gT%ZXwvW2h?{qlp*zMEHQ};~t9?gSYJ>hG$F(r4arc$%(4Yhz@rDaqp=LBa$|r za-+k_^upAVXzR=VtEo!RhTg0gVOh^FD`jcm$izHmt{2rk_PYKSwAvaS9ek0rtv1$; zBV_lp@#w-(>t{OuXf%xX!xbWCyK@|urZ}^^hhbTla*EcIpsd`vess~jJ7LPZszaP^ zFYjGwMola}odkq;$d~uGga50W>+RIn*UU(v(C2;VXK(Z#(YO2URDbQY(3hiQUGMk9 z3sY}*cgJfm;lFn_I!uq_UcasHbp3y*u!p<5nL968mSRkK^3iSB>14hkNntT!EQ5A0 z?k^ptpBk{$esJL66e5WqFRo5pYTtp`Y8}TfB2B$t*D0~X!Sg@cV5hFE04)Y9>r)fY zu{4@r+kx&CM49GqVnY?_ta$Otp~B5d+{#y=7QCu#%%R+;bQ|%cjBuey2wc2kD8_5c 
zMWTYm0YI24Ucq7rb+aIID0MT5tlfXv6og#NDPDd>EIUPQ$53w_AKA!(UMbw{U(C(1 zas0+E43PVAG059Cf@m@*A=`}G3l`I^bph$ABRhZp zE1nuy9zI`5P^d;OE$UM72Au>ExP!RdjuclfTa`ebxz6~zYJ0g|HKN+NZ8#~Kd&oeG zb464yu2;|BmA;?rqPKdg1cd`aPoFV=N8Cx#&bMwPPwmh^5t8@=QHEQNi$%Y>zf7Fc zF;pT`dw$?gz@=f#H9fEM@fa;o+S?TgH3ymXkPnVKmqMN?b0q8*Xt73olBif2m4{lvFl z)zi+TxH++mjSV$t#(1 zl_!pns%b2yHYpK8Y zEI`1-mC~zez)^tH0C5&XTU@nK`CCDsPBVP-YN}nl8cIm|ipP4DD^e`kSD$_@_QFkT zcrx{X*`rq0CQ3?1&vhNoS;Ag0gQB5(ALSX`rEpOdi$W$TZ%s`)N@dGdx#%vOVPN%lr*IN1s#4ScDOg%Tl2xvU$U%MCEDP zGwAr-RdAQ0R78-D(rF3wJVb6cUuTo$9R8JYcZigYhP*B$egI&R@mP?ww-kM5nhlbd z|L65wx)^91U?DJzLdX=2XBf0jiDz&X7(C; z4i334<;MQK=fPmB|NZn28m9qoY3Q7+AfYhm@PQ28*TuBy;7Z3)5(7(sx1o~@0ZZO9 zWzE{&Ct_M!kV)kETE6b!sdwjEjpyVJ(fRptVaf)wH%(7N44>r=)7O`1QD@fAty!{T_Gr-(gGL6Wmr8UtNm_lr6b`nV7-wpG)y<3tdFxQS2 z$n`v;i}?8mcYbMP?*sKW@_|)rq4DY7>|&U;wu9`1!$gyXc04rxOykwV)3iL@XBvKr zXR4={TX+vgUds&yNgM0_36GI6?vAAU)9_LWUwvdd?H)0F*>aJmtVQs$UbWyG*u+b1 zxOlGO+n3#Y&hn)*<8a=&AFfMRpX<0Z6gg}nde)z2ZA|21V!`&wU(BY-JFFjpGt@4N z0eVa?=xPoE>mo?+heyOTjqo8<={pPS;-~i*kNksd;=4jIs(yo?JD@^y1Tc^f#7?{BaQ&Ke0b45f^^nRXr%8S*a;EFlS|!zSlZA(bMvwK_al~2nK`@TmX$76g1iWW)-4bJjh6F~bbGHlWPo!yVS1&n7gN!RtWM1f|LmPLELD~N7*2AtE>Z3Nd;J;K$QvaW}m z_SNjQ<2`<7p-r!tH^s&g@588-#{O<*0PFCIOW)s-rDP()(SOeiy+F-Z`;G+L^~fRz z=rTu153>??A5|%J&F32Ddhehu(2;?Zh2Be<_}Ntb^=M|yk4`n9Er_hnjP0Enn0STX zSevgKKZSn+6Xxs5a=QVO#&0&N_VJKY$5iNFVLL z+=rlK$J2gyrfSjW?X2p@Uu$hIZw5JZxuQP$lsWcu2ybaam=)J zsEFJRfB>2lOBgHcxADyY^w3fhyudfw8+4BKOV?Tl&8)Jc8NBB`LZ8x{yYR=}Zw1c1 zZBQf?UNc8F3sM+#n3WIe0?E%Zhu`0dwTvpHFlI;x@-ZrM0(hNUhGm+%uB-%_5%kVS zBMJTCFJpXn?)%7TSn!jQ?@)j7YC#&^e0AgEpwVrOLEZj)Xd1f`Utjrnc73NKf_K>; z+fW~XqQA*{xwrh*9`t}__aNumO~~4CBDVv@FlTI$54Z*{I+!VI4M~+j9T1V3V}_e# z&5S|qOi7{=jIJ_CTitfnJ8Ks+$-VeRxH$Hb^y+I6UIBf?k9V3FX0~ui61@O;gy17S zqr0HVJAtEM<~R%~rOVtLOT+fVulwz3Rs&&YvG&Y{qe)rYFlN@$O`K!NLxN;$ME&3T zHTqvh7g$9^L}AiD=ZE0)M~U-~D4s5i1`-=r^RX7E+u<*$rbMoeE0Xd~9Gb9dJ7&?;joLZ6bQ*le+vrI9Q7p70UzoY?w!7TFD-q<_TD#t(?B1;6Z z>|OkRkKhkZ&lY6Zmy5HRJPN+jx7uM%oy7$?W#B%8p<#$0XUQ1lXK_o+@tQhFtHM;I 
zgv32LjszfBtT$P6lR;aW$rR|wu2wcR&_4c56t|+}9%Jr&Xxx>~RuqaW(+fyn)ZdwM z{X4wW)^(MiiSei!v=OEm>h&=L2G7dg>!DGe5N?? z8rbKB_JbGYp9navbCOfm@>r0|4fYiNiSBIw-XEkyYlkA)-Q0}Sj5LuSG?C$NOt9lW zZ5I?qlXoXkY1*mML2q|~--$pRLKhZ3QrpMDXcpCf;*?Uj`*R-0egtkg2aK~<+1;qR zo*diDg7)^I*55qNTyldrI>MbDny2WS`Q+8IzRZj`*@{FC3maO8pZF%hT-fRlmsEaE zUO|R;c-?i`_*X7dlr22!KkEE4=7zQqzO8Tpin3|2?Q=`8jBq z&hJ~Ng@JB2ho|2U$0f2GYp0jr563|DiGSrtL>6nu7QIvX92QNVoD$kfPp-XT=#f?O z2#H?C*Ka0M$it%wC1sgGnpogRgwIDFL_78}f* z$Ug7z2c(}A)-ZUzDGP}xlm5I!Jk2BwQ_;3AbQ=Jy^fXu8vC{!Q&|vN}<41xs=~_<1 z9lvox5&d4IeN&a-MvucDb^@fim%+?zy@g!opsX`LS*yA^fqN*(eLJHGu2r`>>~tl5 z{>Hm!`!|aQrFW(HJH3O^W|g%BVLpA83%R%_ToFf!NhhA>!|csG&EacOctSpI*PQNb z(zKzegUZm;S-OX{!SlrU{B$RF%~N?@8cJ{CqZ0tbp^{i)fyKU*CBjMKPRL&BurR4T zmdi8J0ZHb{9uzrUQs!$!M%yy_5Gao3Dp7!kmyXJqbd@?D z@QClM)$dZqJe9XE`Go(APk`+3q!BdUc_#?IlPJ2GSXrT|cgbmJmj2~o`a>I9On?$k zL>|0@oA3L2pjCHLm1o4`P`NiQ6-`9HNIdGoE8Tb0V|W*dc2!C)6WcJ8g!-vG z(aE_P?83BtN(85XowdP8atNksw059b1#L>ef)?6R#c6!*!d6ck&u`rORPQ-65uF)G zY==7}tlMEtc;>1x>0cI~41pF|H2saq`w^0uEaeo zhvS2SdMb!fMdhKj<)h!70X>#C%))2F+h_ zKWcAbs+nmTJi;*CkY7739%1M$~Skqc|;6)|W;jcOyTu4U%9j zjUcZ;K7=`OO>%UvEw-FK^o;jobV-O}mXiV=E7&hE0F&~cS0F?IdiFYMZM$$5&41Eq z)rC&V+0)l0|IuU?Gg2>jH#bfB{?eV^Orz5GLQ9VRftz6AQ$FWOp!1o}+{29}fU%xW zQYE7%L(unSQqTuqVH-c$FBKrkcX4{?;U~SfP*r@0x*jAd?K7_X`KbYQ^+_>(Ez>Adu{lwL0j;$Uv)vlBhPtH^ z>DB$bPP-q2CBBDF$Dflt<4RO|F{jChB4E5Rg<^xzI?BU_D+Fngavbg&vEAZ(WY@|_ zLjW?9bG;uX$v{7DbQpp93&PNOeM`N2-}V&wK65mORVOw4<1!y2AxfvIP__gI?h$CG z@89}}?Df$hA1Wsc8)#0BsXtiwWcY(`WQOy3izPD?YJ!of@vby^WO>O9rMV<{=}alC zXCn~1_A#XKw)DGtVPSb>lCb4V#=j?;$RS0zt-#4#omRQ?dbHsPhOegwX~4%ZK+Bu; zL_4w$?9106o}v`lxJ7(*=&9phPGGUP+3flD?FeU&H3OtEHd|>XT0Rqj%*bd;%~%*I z#cji?#hdmBuqATMlr28WiBnaap8Bu2dEA61WL3&i^EjKO(G)BO^&nb;Oj93iJ;tJN z;{LvIs%Ux^AU?xplk#`fm^m)rEdGTWJ7QXXe=``HBo=pir;$Q!M2k6qJaQO3a@??F zr^TZrlp6~*ofP7#MdKN>l}~4^0=tLNHPaWKEp>W4m}SyDa=6v>{v(aUr=Sy41Tde< zh+)8vYz<&kuiG+KL{wy#DXac+;#!sdIMakjh!cptJc}C*%Xjg)f$Nus^Nn^+;6J|q 
z9M`_zN?Y8G1I&;Lcm=E^{6XdBj{vawZ+%VxLqk7%#}rAzEa$EL0P|MG@TXIiszn8EY3*fs>wwgA>yTjUX%2tP&NhGh3`pz_5 z#E!z#rx_sn{m`5Hd2M7)?n0l$FDnlB?VwJP7fwp%+%*(wyWxOOL`3v`S6Tb`o%8Rm z^5FgZ++R@O>;BM#%E<3&>29Ia$p7haVu!%r$>)A)VJH7!i+)ZBuDtGb>yBl5lyAo+ zzc+IjKlS?~JZeU6u%qu60HDuAj?y9tv${r?g`Li;qu=!9?$7`Ae)hV`A!p|eObUA( zZJ{i-lKh-kK&NB;6qzYvnj7=Y!18r>{JT3-I5@#z+|-YCtCb^{9*~e-LpUedjY<<0 ztD`QwY=+047S{e+tVvpSZ0s+~uxAnQo~U2Y&8gl3W5605k4h0UH~+R{d$L|i*0JZ5 z1hvu`q|)4)!QS@Y;S_$;o1}iyvsH~|SXUN<_3JbJ9c;h}BYvkVGv@FtnHIMh8jYg$ zprQ-i3{h-L__%JC{$V3aNZfS-!9M*LZF{Mb>-X`IWM^LCMP%m2eD(rmdAe_{&S@pt zEFKicx2+LEKh}@LI`)&K@{CHKC2ci%Om&$!v#=oNDS#_f5FF`3lsLO&Dnj-idix<=^iO2~uO4Z^9C}k&LQJ#X(6Z$QWsP(m z_{$cGio!vZFLv<|HJ^9^kH4@_1x(}Pk_6kihC41|9q|$`-^2o-m}Zgfapz;C_xk4B zhyQ(n$)8)B&`0g-BmeoP>G|gO)lTGkulc9P@7t;V8!isIH}G3rz2&g3h1H*U3(bd+ z=1ee|zsMHyPhPc|RV(Z22Uj4&jPi4+~#08qe< zd#cC+^?B5*D=1I<&P=CQIp)ay9uw;&f7gX<{Hj-f655W+M8>ldODH*jX z>DnS$b$f~DRToR8UuHy9XAHe#8%5-ZRlvDPVVt6+r?VuAB@=iu_FJzJreBDk8EKvdkDh8RD^NM=oG_=|Q4rooowLrs_PyryNR7oS! zUW0z_BuXUN*~7wWW3ujT#xF~LfrW_0?xd@bPM`>< z<2qWwFmVA~J_bM9iU`FxcP6ANv`|(VK=SYmSLk`fS;+{ywxhd1UzkCKI=3rP4p_Dm zl7vlqPaaUy89`=P)}>t1s#iM{52+GJSz_%O#|_~rEl(6 z|Lu`i&woO8X)jjq{+e3%`TvBtfP_qlhZx^V53x31xyc-^ul|Pv9aOYCN)N*?2Om~7 z#gFysde#C03EF6M{Dx}1P$$#7n>bl~Ib@zp(*)kpcEap#XUNFB!K$=q)eF@Tn}~SM zRU0F&V%}>VWzBCn8Ov5B0ru@^@8j(}@l925K{a;Xub9OJK-%ta(|?b#fQ2$brB~m` zl=D{P^Y$hiz36tad>1QgOiQP)IziZ3Fp`$4<&|E!kA3Offy!&bfiHTkSka>zx<{E+??W z4Gc6jBNG@Obc+#vS-xfKhzE?)uWGgDhqx=y^rZ`iok$^G+Qr@HKHLg=E5qHhEWT>5 zod&^7Qi{pPFZ4wEP`7!!U$4)XoAn8^NgqpLfBptbPW$@ zYYWVr1!$ZY_x5{7Q?!?3Gc@Qp*%|ZaurTLbJv$ilXYY8CgVdx+MYTV2%3?Cdh218x z%ch0h)-@l;)UxYrVVo}*ddV(%uB<6qoC)7WeEA^z%OU?Hh5R^#sKPeJe8Or(+LyPp z{z}NTgA_8L`@ZGx#DKJLubeZHl%};?@YTKG(L*&|AZ*PftW|Yno~M9~Pf%nvRprJD zh^?)@DQ5HH38aKRy(^sE-*)AW2zlJkCBnGc;@OH`uf_KIz;5D9sebg+c>fgY*Ndpck3*=%<%i`UA8qo<%noc#M?KG?#)&C<8QM@o}IN^<%?Vij@yQ)a!wtO(CAR zPPza#-Fc3oPlc0gzLfe!E~R{CWL1wsHWh)%G7#c7@*?@P{7-_CA8-lc1nUVFUOKoK z%b1#aKRO;+oK8}GJ}esd9D>p>@Wil>jJ9L4E^6buPQljdj#`|f5$`QE5r(c3w|I3Z 
zD+Kr)2Q8Fy$juV1c-5ykX|H8x*PJtyYg{C^(*y0<(YIo=q(pbF1^6PnS!nOG!XW+* zl1SkAJANP8Wn6_M_nnhJGks(EviQ9>`*X5gK7$MI>?InP!{>`eP83%Z)eF) z_N0!rr?EC20ND9Aby>X#f{>nFhJ;p6EW1xke`CR#!X&`k!ji$e!m6P?Q9g`JEno}} zT_~=hb3RDU+okzd0!t;94Um?iC_PvmgsBmG=#n*~rHUz$^34M#tY7~`H$4dAsRg(6 zoH{;Z##Ip7^iU!%>nN=cu*s*pCLj;>b*q6>eStVfi!rP_po+__ z1DlDfl+F*`o>H zXu8n(`!^&;Cy|dBubkIMb6pcaY!sOTo`l1ejkNHKHBJ%c^^bTg~^Ewrx!M zZK%bWdH6sm;pN-q=${kw z)yvhp>W?4$^?01>|8QdU?06RB?VdlMhLpK^z}xqbL8FNvf~;d!5iwMPYQ-Rf;-4yH z*%3&fszW}H8@Go;zw~M=`^cFKYtJ61B?PvWlV_Vf7=}C&oH4RSZbg(&uI+`?Y1aTmUXc0{7)yI7+}sZ=lQW&2vGKf#E$f<}UGAvOmH* zO7@{Fq)2r>YPjf&J0;nYvDHK7R+~~>e`O*BY>mf@oh9XLk+Gc-h;=~!;3lZxx=`6F z1=!lotftk}3%rBux2t(;jGhkMs{H(m%(#3jxvupE;!1Zgf3FuMx_uiif6q73oTEuT z!*P6FVSefs3sB9CU1Np<5lmvmRu9}ixPk=S{Vw7Is||8SF)&vhV9$-DXzy1uA;%y2 z!$=2svSH;6fZgFT|MuR8TQVV!koVar8F1Jg(gQP#wV~DEsDvd~*GN6+Kv58l?;=A| zja#@E!P}=aP6G9|FlB#Gu?@%yM6D0^2T*LM%TPS~79z0VPS&RGGD7)blDr*cd-YJo zBMBv$h-BI4)=+iOJc?rln3%SXGf~qypm!FPetvWIbH1~-581l%NSMV}9+}9OiSG?G zXITua^1h6Da!NYH($BVLt9b40cXxF@TUb={V0Bg**_U|XVg5Rz;$3-cP!6Wy|70A4 zlev)*sJe`ZRD4kKiQmK_qUlNn(@QC)lPS>tDZE0AiD?$ZRc84q-TWrl62CmL2T>SUm~Q zHVo&XmvtzrI%>yj5AlFnykG7129r<##XBW;wBn*18h7T`QPgSA7MSQl$W%D0BORJhwoPRrC zX->{GLb??T8)|>c>u;o$g|IMSDyZ007!22AFO+k34S4T%2sog17B z=V*=)*Da4wNoMXtXp%01NNrTZy)9+g8W=l6%s6axx0`2W)5&E>MyCj-{2@N99^a?S zgJ$JzbZa9Ugqs5stnnqc;*VN3YRd1WnlC)e*4WnUve8gES=TPj_B<6M_%-yVWzFoah04`bhrGdiqf z)!zo+s?Vmws`o*nk7~&Sv#c7aWB~lP*$W%ds9*E0P{I!1(^L)wo{Y%T4YYEn4tCtn zS@32bhC*VgYE#AAHSGCGJTjmoueqd$R^(50Z`aF?$QZl0m81tw^)%x<%&fJltn2U3 zjYL>XfA9Sg1&RSH>o|b<`;|mQz7MXGKrnb1XrpQ^>W_5WQN+()&MO9-HQ}C>>NAoa*rYjGAePB2f6&8gIPd?#n z1jVBH6asGnI(dUYa8LZ@nXau zf_S{lBC|?cHDIjEf*&;=tcoCjs12r-n(%beFV7LB4jafZJfG^w$UM9od>+@49!ecA zgUWxfNnOBi=()gRqvukttB&xLWicy*Sn7{>yv~pa5n$^`C_3WY6fGnx^0xI zQTp9`J!BR#>J``N)`}M$b6{o&pwM}PtI;Ls7#g8Jm1wzCR?cx``FDJ>?VlVb#~PMz zfA-%{c1vs8)_5*}BPoNdbK7=^c~_RM-Q{TsTOjX*%J08TB-D$*)g3!cgK`73~E zAuj^U?$g=MimXzuW!d!JNv73(3}ybx?#Ya1YhSi(sWBGCw%YBn9&*DygM)T~>2Ul; 
z@yDAj!9O_DYB53)-3g0qhk$IJYKlzhVaObmkBOU*yG)!he0Yjj)cApKymB6(egr9* zXiTbS{M9br$jHcu|G#s(&t5A3f9Gvqy(3gceov2QT2#G!Z}*k8F}Z@D@0F!SU)QgP zvHyATIQ4|yL5dNjrT6pjiDJ8-e$hX@8388!&uTKar0>@Oj>dzjsx+ys?i=@Bq;7Fe zJYclCcZ(>t*N<0Fu)!~`#X>S%I@Z?6d>nWX1V2#xHJ-^a`C-eB>#O<3olBCXcCUy6 zRWSH^z0?2Z<$u3MV1CBtswq8;wK7z+mTMF8!+F_ay0qYo3>ZaMh==2B)u|2?j{*io zbJ*mdv&)75*u7qO897Kyyc@F^WfmXTSv$MOF@;>U@85~Sov<`Gv&i7Ss1;MZV_W=+ zYc5;YvF6E+R8_^#Pw5WsP3vw8meIeE>8r&_KL1$i?aEt*&9n&a({VWuVVG=J=2+N+ z2}dnTA&NwZ1li=Sy{AzAMMDV7IO0ug3SqT|>6^W{kFppJOy1Fk=PGOSlqKgFhQ5!Y zG!OjTp|H@>p2{UTFw=W$bb)vC6)fTVV%W z8K5k^qT6Z^qeb_7logwA%y8^o=Dr)0YSc=yzvF2TUom}+t+XbVRwnBYt(`zcoX7MD~(68aDX&B9MCTM}y zOOE>TnCfEk# z6*H9R6PIB`qDkDa_*g0~G&S#zu@ADHRmiR_-!_c8FeX_&*eh}d&rZ2gJncX@H{Z=g*`w9E-AOEQjvB-aD?9FN*ruWN61Yx==KLjFXf zUGb|GCxQ?+@Ol}HFK$je-K&d%_~KV4kIg^|Y~TV#+R#;rrlc-~45z?sqhDGpp(^96 zfC89_cKhf(S;!L?x1cs&Ng8n3V;(#aCSS;M3Kb`JYCQ@yTQZF@p|jkW!Af0%T{BMT zf_W_zpSj0#V%lri-WzGkz|-`S9dI&W6az8FtteGP^Pb3v=PJ%}o5z8%s*}YuWmjze z#Qat|f{LwZ6&T7_(`r7XbA0EUoH~OZOBh`x0IV|O#bFa1_jKke#^G7DH5c@LE3157 z3IX%=gp1IMB&u0c^Y75@qB=Rtf#9KIU>(gkl&1}_s%%`0jfyHgY;qyBN#x;T!51Hh zJVHHBoI8(37y_Pj4Qk`N8yq9s(@T3HO{Ztx52mt#CUTj!6Gp%yE$fCY1$|5bpy`*i>{3pU9OwRTi@)G(iv3*}IoPIM|2Tby z;4#b?#tM&-GshA(lA?=@mPg9_>u8^Y!-h=+Qux8uCM^qc*X|7{n?S)-zf;e_6Eoyu z978!r%wUn9v;0{o3ppxWEiQ`qsNgNpAyGI0ncyt)@x^N)-g+>Q$5(_gcrf5n~p>3zrt+lHA1I$X&$S=yDq`* zCDb7iI`h6lQIJNgV>C2Z2ojb~h&92>c)^?A^PHuqSFGDKf5oW;81&LRVAE$N?*w4{dMxu>OoICdlga6n4_ri&#+oB2n@2NNEW{xW*1i7FlkJ)o zZfXM2XXYnYcN>N=O=~1=_j_GhPn&tgh zmRUxH|01xD3R}hn48)F9-FKsVvtd>lf|_!pvYnQ^j^8({^{oDO7C;iEUUvhwl>BAM7Q06)&KRQT`~Fz8Csq|Fl_1%dAC7F#hqH?KqK*O{+Q#)Ej6;v`kL$G{G1J?^5Atc+E{U-BnMvXx0t(JBX{I^M(^Ppdjq5OUPt zyd+1HZ=y3vtVg2_Ih;s3mu<9dIMd&l*Uo+gbB(DWBo;~&{X(pvdXaB>+gPJT3jZHh2fVvm`cn!jT2 zfGU&!68yupN8s)DN8s(YK;Zq%Td1A%o;`!k_M1J^1NC+&3cYeb;gsS3ML5Lyi-6vq zCj!*~hzo$iv5X7wQS!rQo%O!68Iq^!nk#ezSoEUYJE6g~)l@vw^_ zDd;0j;eU`*_8F&k*|731t65v4OQ3aqqd5{(9j|wdMBzr)V3reew2A&|>{#rmknvj5 zPfT^ej>ayrkGMDyk3yhzW-o4mGjNfx$MW$e%G{gJvSupP*y>y+zO8&?6!A06IR>0` 
z{=wWZP~@*O*1CQsf<%!Ux(P39>TIBw)c?t{YoeYZ?&7OrIyBnD`%P)c+$6%YZ@Jdg zZR=zcuy2``6A^JySPDaEaM_ld5PC2v=bJPaCORfi4elGIVoCNF{oE!=bPh7rJ3zep zDBXLlY_?>5ow9{?vCz?FCR&^3Vbi4R9F|@AwVlfF97PY#%h%RZ+Sg9IObP5PC(2U~qdUtR|gsoz*IlEGJcnFV-E&yz&=Q zZM;0P?7OT>v2TQV7&R_APW`%hz&(FGuOtdTle~@tL;Z+KbE_aUR`VD)r~slB+;!+z zopInsWnvt*PcKkEN>0myR3UK>`J=@eB(nn~Uxjf(HA6HtR#BupiH^nDm*tAD#K8Az z3XJ9b)7kKTW5BAbIWI^KZqpUs^skGYRZi3S!Q-R+DR|`+NoQLT`ol1xOyjS2fBXlA zM7PE@ig7n(iL&gwVg`MkY6#_(FpZEdE86Q)hrMw%4-+&vZDUe3^zCC>%v^9#72<^r zM0jGpv|Jwivx1QPhy}V8u95`~VSzAzCLY-~*y0C4EZ zAyGW8Tp8h1RS}oY+vRk|v`DA%+Y302f}=!8zh*qX@3Q>~w6p1BdFCjbVt2OGJSodf zeXMeE0Q7WHDWY;9n#f}IF#Y-`8j2BqFqG;xHw53QV9OJQj@9)?PK8ud{?#S=^9CXFv*t{sQ#!VlPLb&I0dh}30DG)XiR5e6}&Fu#NuduN?C=fvAM2|6sEzdTD+ z<6yZUTlx&?ZcX8D2PrqLR}}K>kBf^}R7>PT_S@qXV}|!Ti6}e8Tk(b4M^Gb;qHlEx z8xtJxRY15;670BS6m%)K{L_h*4In`FAAI_WH!`a$KKrxD#N<*Lw0_cabB45 zN;zUOM5mH<89BE)>ZWnIWf?iP6&P*>*(!^=6m|vK&`+ESvR5tc{{q4iN+6&thFM*z zOu_NL9)^=E?iQ4vu&XTNSVoS`0rj7>W&-{L`>Xf8o{FQGqPS5qv2jeM~KQV*;O7Z zz!js2%ug6r9y2X7V^MFojm=Mx*uBe77+%Mw)j>$6?-==iC-B)>xS$klXNUe*CWW9B z=x<;1!mFeI``_0ri|F{)aLfPSKozJ|Lv8j!Dhnll8gi!dFsGzC@2%-LRgIUQH@bwNQSS-ibjBF zH4Gl@9P3&)9*pN|qiO;}_%Y`r#dI;i&$|%iA3v1dSsC&gA+NX78aP^HirmQ>#t(0W z-J$6pd^rnILwQT92Atf$I9R0_CO4wcU^@0~6SPpC{t*mV@ zYn1XdSnZ7PRbOMIli(BLlIn^mm@8L8f*JP=Cu}P-sS$_XHQ61s@gVuDd*?TK@kBUB zUXBx#+Ee<^@1mQgvY_W@U1iZC*jy=I1Iu`5$Yp=4TE1atHcuvxA2k*hcKMjfzp0F) z>3p2QT>71tvD7AizvF9uf*ALr-vF8Ht{MFrE_>!zWfqr78744860#8EkVkM7s^6x#=E= zWEDh&BS9?zol=A<57X2lwW^Aa4=QlWN!J{r^iu8TB!m`1GhS0?MnC%E<7iUE{z=96 zMfzT-KipV3sm;w_U~eu4!poFM04up;P^Qmf#VrjUkhfG)2nzyBcB+U>hk9-|Ek97a zU4Etl%FQ{`lC}%*TxfMC)liW()^e+oj?)){9-^AkraFh?+&?0^9%A25)Ezz(-z^1 zW?yyN$$Q%#&r^ytId|{n{CfGvjhLvQ|th2sgoK-@Qoz;c07Ok+>7kwotiD0`08h1yf+t54^{N zVFO+iJ)^8Y64%Gy?NTvCzosaIjMs6ujxz zB}ja3sxS%-HjON_yqJgSY86s>>b=2Cy&OJH2EPr36puF;>rcHO1@W*)A z1O^l)bZYGqAm26=pGk187@((gMq0{<91D zlSP20D^F@4ut?6Sdh-GAQd3QAqF@T$Ae#CheFlI>`Q8=y%xDf(-^t}syP%txcj+;8 z)i49rznl_sfV>x?Dy*-BzDrE_J_si=QuQS;vm2sn?FcyH3aQv28|WLVZg(y6edkRR#^s<(O4 
zXAc(o(Q`V#?J3ciqmxB3QatWQncGz&FbJ2f&*M=hBw>x{ndPKbw_{Yofl|484-YV@ zN-CTKWIR+l%Zvah14@*TG0$uHaV%|3#*ba&dHy(;PeK?N@p zmSM?0{)}8fEnd@i#kJMV*#l%RM9(>sTi#-`VX1d(hE6Z1j^2hVHzrO}u~z&}fJHWF z_yYnd4J)Dc&?#yvPx{CVQxmp2y!9I>jY}W1+U|b=>8}SA3F4azMZOPz?}h|$q+3U7 z1l=bjFW0%uD8cGT`Wu6bA&4a-b2&h$Ki1S>nlCASEVAUfuntQA*~_SubX`Z@PhIYE z;0aIP7TJXZN3f>uzU+q<^iUE8*8+qT_zZQHhO+qQL*&+q?D&fT-} z%)I7)C6j50O1@gh{6bV*g=#_Dl?Df)?iEpcPKc>Q|jU<5af$0UQ5x;-S~TPb_o#{ePGPvBHA;*=37*!1aMuG`n=>ej|1Q=g`SU7)T) zIDAc!PvcIcbHIM?EGvk%!LgO4CV_GRq(I7FxFR8n<)PBB4_DQ|;cp3Jq?H_Diwm;O zest~SfjYPqwVg`}&ea$y|FfqHvHP(o_B|=BatcARyq2yz^LQ=Pr1a|aluLu;_|jWW=C~jLUjB0 zF5vC-Bd)J>!4l2=2Hhs>a|&(=H`&Yy6p!Y7W49Ii`+w991gODYIcQO9l4U7JhNvR0 zwP-N!6ikYex8>2(oWs`dTnEU6DE@dF+m7Ga_~XvBf|*eo#~}-n-IQY%w>n2JNp75J zc^@52rZPMB4y| zK%)h09rd(@j?YpZs5>@_@jvrcQ50l)_(0qSpk&xL>R4Q{xldy!A6AIx;g=iTDow|Q zpG0*%qkyCir=RsKGh!kH9Ao)6RbI5V*+^B%yv&=B~Q`fozmU!w9RX# zA$}^9&~fwP3}6_7b+ywsN=6^?k?C?P`7#B4F>1GC#nvnpnT~?pYE+iZ--$XsxVJEY zydLS{0M2_71`7eO&giWhX5#vZ@g{OWd^3h#td0`bZE?761}%>?uH(PFBa&8v#u!!J z)35@*Z6-b(1xl7stb$hpjWtZ<@+b`?FUJsDvSAZZQadJI19bd5G^^T|52fsefkty0qM!Q?yYA6h1$ z3mOWP>EwpV2=k-2($43{j^5lq$*FIwT{X`S$V?1rebI{~d zAyjZ-XK3x@2Z%bddJZloMLo6;+6Xm_K#17|W@NCqlv`6{TuWYBkXz6gXH%dl)d$xr zW6zxY3(E6fuOnjd^OO>)5?af_sndKi(xLJiB;^BAo5Z8VV;;{i6Y&;8Mjvm=6q++5 zXYvhUmWYG%j&#d0s!au-Ggmt8YKTQCCRh?kIyB-HXqDCxcgg|;@s9AimSqM|hVp%> zLRm(srowrYB^fHa*pc~v4Fxpnl%nss1JKK#=ScPkp5O8%JNQ)CA=E{{R0LH1i-^b+%ew1UVPi@jC?APE7qJ2cvX6X_nTp{;hL5Rg>r zi#b?Dking}^&i#$BpiuDYo9a?)W(z0zzA^^=H1?YcesUzOa7SyHS>aLaf-HWPt~l9 zqxA^DjA)L(D4b>n$fwW-#1iRJBqfHWOb-fR+?F*UF)GNvqvC;*VF5zxgt5BG#he0} zS=ndoN7m1Bh40q7Y14f^mCpUKX<@7^Uun-*AMQIhH!JNTG>NFO6Qh`bnp49mF`{%9 z(m2!lGiqj2rA!hd;nmDEF;u$trDMrJIpyY$modLF=%1#@-4kgiyHq7mJq!3=NpO?w zFp89a@cJo@|7>=BoAZPVXKt{6pqvO&_3%4!51Yb7|GVVa%^JbNaHAKuttkolOmE(P zcALJKly)sAE&LexiziUhURYhPk6xrexbV8t`{LQhEd+JhK6)Pj4`qTlx}lqHSJyXL4>m=%3R?l0oS2C1_ZTEMsU;cQd;Tr%kuX9pg}CFu zEsC7ix^e&p7fl5U(=h;hI8&J##bSLdTOcP)DZyiV2@7g=UI=}B3yT>u;Q=bTRKzwJ 
zG0!Z7FwFDV7`T!v8a97f>hDw+zp^2XA}bYC^X_$O6{gO&J$R}U$T8Iz_XU-v-o3M3 z?FPQgycq~N*s-wu%_&#BLCOPUD4DTnhVy8_>Cp^ARgZG2i_TZtUPl6&4d@Dr?zVd; zLfF3*_^aX-lindPjLTxp)_&N=9uf0ieTKtiV|R;zoRZ}I=$|AgkGnBfXP>M)_FjF% zO~ocW#&mgT*^|xpEQmobR*1n*eRl%5+n{|PhAxEA*Azy~9mqkiD`Ut(uhGMx{cU!L zK`%~Tvdt-d_u9DrJKp~^C$H`SFXj%P!JyY2l391p0*JS^^*5S2yoDkBw)aN(G~1pf zEj1U0Jn2YBxUtnt4cu9E{q|4azWZjelzqGyC;M-0gZ7Gas%Z21UpPiEdgIEi>};mg zFVPKhfHk;^uJorsQwd*KG z!^GJiOgpVF`Rd%lv4-c*?HTX{ryP%4^+Vt8qG-Cv5K*=ATI6o}?C^$Uq5#ZyQUhCT zDNsSdd|GMd#0}hJ&YrLwR*^(RkZk!ZE<}(IXYHA~ssXP9Zb~IX7_gL5Juo*`l9?%C zd^w@s?jEknRxh*IU`5wi<~3kz{DrBtINR11BQQ~v0(+UY7F@l*19xB@0LyUF%}$t{ zrDS~-s6bQo>)^7{aDa?b82SM~@)OQ=MtRN|MDwno8QR`up9Y8!T|u6uflxdtROD$R zo}9e}qVw3nC1N$jEUqr$6sv~or7zYOGWgnBHnG#{5_2srIN5OG|7~JA6d`SY^-7G8 zi^0;MA!$0+J3A$tQzTE1L_HBs4gHKr|It`}DM~FVJ3UO?M?8tHbmgh$0_s28n74lsMQKY4OH>hlOY&X~^P zNLZLO;;>_L+j?@^uvQ5vYVw!NDFFfSpL ztRUjxD$CT>MFeeDo;FdNd{61108pzgS%)*sGUAJKK2#5@p(#=S% zzORM3N}X`=uNAghbU*1%gQH>!EO)?r@>-lmq_y(<#EF+d&u&nJV>jDy*}^h*!~9mx z`|w@-`^o%LH59vXxkt#l13ku3Z=E~JzU3EuB>Sx#Vwnk)H?_TB4cmd>jb&aF;+pQc zB8PqW43tDra{a`Tzjug5f{B#!QOT=sijk4v=swbK2*n~^-`z4(r=;^ZI6LkD?EH&b z^>Q?%f(UX6qAiKGIMe7IhPn3O# zt(2XH=g``eYalZ&!HrXbWs8J39nHf%2cSpmLA1p)THIcLu`Jd&IF|UK3s$8mFFCEN z*STTw;~%%7t=-P8QR#OD;4d6+;1M(@J_d(ziIvjqr3+1(HW`>G^T=QV64iqFN`dM@fo)LX_)Sww z4%D7Di@37((=M-85n~9y=k{}XJQ+UMqt|uEjyp8gt(_i4gaCjv8OGj150vRY5rjO` zU8gbpo5?!+2o)HI#Rhtz>OintI|HVJR)*J2s&j9ZHfXW8IP!=;Cd|73dLD)k);IxC zWR^(={=(~FAmYU~)Hl z3TbY5Mqe5LYR$1u9LE5(fLn)N+k2?k-H=wO;nw!CBB+!IG&HikI1s3eb|97P7>>a( zZ{&n+Z+(N`KA<}^GOi=r>EPX^D`MV3PhWIV*9yg3Ae0znS2JZ~!`9 z`jc%p=C_>DetN?S`ZgzwZO#Vy+Bq6ae0WY(jw8e|dFpFdt=spWxDPI~<&bNNB{yIb z3P7FlS@o8Z)32vM%`qOj#E7y7WpVxO=usn^h-Zk&&q5MTN0#cYR^#cO=iYSZ+Di;? 
zy&heEUX@8zxw0Cp)|}xP2$aPN_H4J1`yD7wbor`g*LPfg5`ndh>{oY@l?`Qw~{c!m;bG(-#i4O|0^S#YpLHD#yTJG^*tY~L`#?#$% zBOKfVr%z`JDD6uCWgm2~vLE+F^o=s4Pkm-YaQ}$dE00;#7*wXVv5PE^1qAhI`vyr4 zVJKU`Yg4bViXNyrmRk;ataXC#FR5qn#+eW|QvHn9T5vpXupJjg@dWWk*o%qMfk8FJ zWK&_^UeiGkB#=;osZ27@pn9xYNZA}r$~=-%BS_&0nf`>j+Xj03l;mlSeP>~4z}!EA zgC-&9$B;~{sqn`GbDAF?X4hqt4q^KI-;Ie9%lI1p-5Su%mVwTJhZ-&&rUh){_7UP% z);koB(iTN)e|T+ZPdR2LVhpB!EPbV}5#J49U|EqnX-fsAT|_<=S5?Mj{ZP|%rX&;q zci%$#&XdV>{T%t;l(}wOo}DzutaX)lOVx>q69uN<;MgF}H)%u(R!+e46s(INA-ZKV zv9QVd$*3s^v;E|!O4EtQMk?!JpTnC? zs_=W95u_|%){B%sr;Jh}+Y9;K3t57%*`Kcl$xczVT06Sm#@Vz4k%?`K+Y-X?P z%VrrE99P%RtE9xnp;0kyj4BQ6!oUD@9#SJ`v}0JS9*s%$kwC(4E+tehpVgxn|5Fgh zc5KQWmjl+}jH^5*-7@&lI>wZU!gqjM&l0xalS8syUNS>X)lpe5#QAL?`B)ilK(~{E z4g7|6=OlNcT=C`{_3JWFP|>)yQ0g^FucF{n8hAgYS%7gPZe=^PvxdHhnBrrQi*kyn zR^4qoY1nEXwfRE(>u4xS`_KKaP^o` zH33Kgd*Hi%L1cphYGHvX3m-jc@e;Rq(~L_2iNJeO=KwP>0~N!vgK!27C@*>C{NyC6 zRxGKf!Q*y}BgTzYCmx`!z?GE9%&}n=9lMJ@$jRnD69H|^0jF?Gu?F#zXWdLX!XeSt zP;7&mtvM-z!Btf$Uzm~Wt`;qc z9hnW;TpzF8=uU!i^3Q#@YinD(h0*|VaX}ei8i9?m$trUp?ouR|1Y&d zDX>JHPsSR%v!N}Z;$6tSEaJdPOE`3!1A&6qL=+atIoghFeP`~PzLj$UlQU?y_y`4g zDV?&7u4+(zEXyNbN&2B_GbWRO) zxq3jv;fe50o{SsZl(jB)u~qvz9YDs2g&4FqZaEOc;>W6HY~HF<012pf6!lPyuvu${ zpWp}{qkX*eg&aRSMF>u`+Ch{T=&qC;JSTww%mIabG5FuM;W8$*DCOVE9x>7-&%F|Z zG^^w?yrY+hH&vkAa|gNRnC)-vQRBchLrw9>8BtZj4k^OyQgkgz(m~*0(DK@X;~L9E(x-wB9_u2VZzUXZ`=`_RV^k7@_aT)Q}SnDNAoyivMA2NXb)tO5(84N zL6oCNskx~YBe>)A1q(H0QTgmVz#kQ$a(EJ#N{@*e+|BZ^r4@N<1GG7WQYef8t|J&> za@_&5hkNVZ4Z<*ub_qtlxReq}8BPE_P$8*G7B)HKAsl^;m z(3Y*S@_bUNZm(nKH&vJ`SU>CLiLgrPq5VpE?v(#yos;1%$YPif&5zvs(6f)_K=;>^ z(n(z2yj~gP{Vzmm_^V`t?>Hw#*nGKTq40cGR8Y`B;I|UwbT5WsbWZO-((t@plj^U@PXKL{;Z%dIymy zH|wpa`)*wK-Ifrh$K(GKPJERQd_*UJK7%DWaQSoWi=}_pqkKH z27EjdMn2q1^l@5wxoKtO&tUSefiGk=5%*rtEjzYjpAX+&kC@t%|0nNLIq1zN@awn# z=M5j^*6WQ^pUMpU>^*8Sra1uKn({(|-X3_PYpe zw{Z=BA-7&ZZ$4+7`g{<0emyUyfnU3CIsfPXPyRPy=P^USL~#ak|3^_?NjgJV>r3in z+7M|Ei579cn)@7*mT<#WICL2W$P{bGOZ=OF(5fN{ShaQ<$>;qh*eF@CFQdgSGA;G$Sb$mdc!+n7{>M>jLwFwg 
zhqTGW)N^6<5`@_S1hMwAVMo6vQvkeLS*9VdkzbKK7SRBF{~M*U0*cwlq=d$CZfH_7 zfe=}U8_1h=yq#$!0f4BfwGWA7w~E)|%aH^|PlXHbyW|%GNwQwD)jr7P-2~I&3~8`1 z?qcUc9|SJvbc{DFkl05NxNW&(inVA7e4QiyI?#=f<0jT)AURLk3Fp2M7OiIA(wYf; zrKm4Z_&vQxv)NT)v^?*!%7I^6yRFhygJsRYp9=1p9(5gfbZEPR?qL+sD*TK`^Z=yd zygfxdgKpeUv=5`0P8LogH2*RW~ zDSlEzZZR=`lE?DowXTfDy+y)M5jIm;_2EzcttSVKu9U_^1Ld66m!uP0m3rZtt%%aC z2TXMtX*a2lv}+b#0n7UFh*p`&S{+5h%N4aIsuN&advevWd?zAJg|zZ!4Ys2AqXLOt z_z&o6(;(H6qE(!U(&o`&5BTtdl~V-RvAx^E6|vp4f>K@}S^V#g0g*MPI{hVvobRg` z51Fv)QJfs%pt6iSVSw~9#t8sDq@|%ic13ew zV?O}WtQ>EU)Y-ZS2Q}mB;OW|@cWa_RqY>jOwbWJS!h6tD1EvND(NcHpD)i_i&IR$I zMXsU43<5wj4IIf1amIMr|p`Z0liSU!=wF`#<# z=4Ua&%e-_4ADkCe`b4~D3rlvQ4;1LE+`{Zb@#I9x-WwVL*R>zRqnhtQy+NPcO#2IS`W~<;Kzn$Y>5Z@!$rxBRoBU&V+lZRu zqDRb6h#YRynbiWlDS_?yhDa6LYz}+j$ALWA|9l>#!c{S+Q_X!Yg{gBgA+gdzSn(NK z*vH!NEg4(eO7Ey`z#3XaWQ@1v_(>Nui`8U2Hz3J!7`ENZYb;M*dA{AJ5;8UiZzZAb9qJ{%EdK34qP+Od%x60>!w>Kb|oupJeKqYt&miVI$js=G`}*c z&uD`{=ym6)H1SlV97CLlA4|xjw;m)TSy5Qqi_suyfNSXwYvp*edc!assuE$NRHnah zOr$=(HQec?q#1}nwX9F`ULlPOvXk(KJIZmesrrY*e5N8r?>EEZ5h%HmI~Du{&?b~A zd-j5~yH!}%ZFgh?h&jkRS+NF%Zk;j+sMUJ+A;n_qqtQBpP#H7F4>GPPaOH!3?MOEci*l6_{&}h5wvR;D~VJ8K3R@x2R9xK0q?u;Hr#n zM;O0l=j`Z&rz^BJI>Ybe!`u!(>M{oLLpNOLHS^A+HZG^;(;>ySu5wV&r8Y{dN>^x*h4H{` zD=N$E#AV8{Mk=;=aM4OzWSTl6urTjj8LXvut=S$Z|>S-{(`poC!eu%xzwul?g!lkD-uobTA`WyMgZ*X`Fl z`Q^_wBj!WAaL`}~`@`t?s4Zkm;2Yrm`NMj(^Bf6N9-f+uwq&M=IPnLYb?&YUsXfT< zFcK=2vDmzM{=s4#tkS$%WnA*I{lll?wDF(uyP=gl8(&FBGcTSscne{2m%A5u6t85y zhN_7xxQg*=i07XTJLB`%USGfWE$`!JG~eRoOqEv492JI%obr4@ThmuRY*h!n#f4ox{i!sz zXGy^@?Qn3SIlRg@L(nrchN=LetY%|~gDZzyTH9M3>@)mko1^{H>US_z{OWQ&T?isI zOu|*h*LvgcMk{s zab?Z<7?tFCXhZ;-H*>BnF%p?81;t8Jb~;;ql64lMr&wJz1SYX#5|-enDz0XbFd(5L z2rexq;zF2BPwy-o&9Z!}4r*>e0P%|&3S_Xm8r9zk|1{LkixQD2b6zdThsyIFN`4jO zdw@$yi#+(09j|IcJe3RyVu4tEzLep5Wibqq9vKHeNHRsr9&P}#RP)rZ;6ww+=RS`M zkL0AcYlx>z7IOJKj|&g1U%+KU&4nqaBw<2ng^Gl1)>}OaJAF#1Ob*vD7Ok^m{}}R) zl62}2Ty2dQM0ZP}VuN=me;>|i0N(TBMN4|RsdrCvr*2whuP1y9&F4`ZTji?-*?*x{WZ^?T5fkLq!B!ppf7!3|~o 
zh6hH4>nz5NvL!ys&o2TwJ=1s6qrd!u`)QN&@?!0`3wG5%dFS0x6MImP=3hf%2ryH< z2{Bvl@d2_Sy{o_n0*vwT8X*qGFMl6=l|b+dwXVfLJ&0ktPOqG65RRmx_bdI&qAm5g z_6}3JT8^4D{KZ{D@OQ8i?qug-00}(b=otJmjPMvxSSPsZtHQ#nAU7{*7lN3{Y~Ah3 zJzZPHe)Mjg%5QtXC)=Q=N}Efzr)G6*MIHg#yLqKU%vKfFJUuf$A=H9tLWz$ z+g5Y-!LgGjPX}~XYG~>*VZths8bIWq$wOK^Y;$r2Y8ft)`(oR^$V~ic+wu97h74<7 zZ;cAoS#{WW%uGLhL)JBLs^R1A16`pfHt4tae?A;g(N@`gKQ9^eTup6rSl1_kx_o z-N~gClmnH(az4D2>7$MfFtQ{x4&qZoBTu3ic(hC@qADz7EGgg&p#pBBrC}J+dbQe+ zKj-=899Wt(JGHCH-GD2b`Nsx3mD!!M;v$d+Lvhg*N*}>=bR)Nc4Fq@IChc;M;Yj!d zneE76=~R2!TkG>%zysY#@HifJ+rLvB6iG#7?mt9=(W~97&S~aU4J9~CwV2&RO)F04 z+=4*MYzQg>rRkB%Bdj{Ht+ph{{;UTZtmwJdoj&O%T>fyxZqNNdi|V)Af%lH$!hF%V!hXy%_}x(TXgE48v@HB zdv6l1x72G5C)3#46e6>8RpQ$#ur(tM^%Vz^Gyf2z1DA=QC+;w0lj8E{QHZ9WoD?S&PQ{UVooc@N6_BdWu8%!I-Mu0aTg@ z#duS&Jj!?Bj}u%EAtF5Eg&$ov$uv0&RCF=D#$O|a*&}_9HdsxGT-h%rgL@)=HMLV$}a;eNE&!N|$^ht+wGbQ{lG{;_T`~J+E94zNOqo z68;+dw`5aiKlQU&4@Sz?x)ajx>h}I#9(P8yt}0kCh;#iVRV?afAcvQXXk)=7;Uf9( zsRt(&L1MwcvjI$*KnD*YaVr_&u%PeG$V15}i4CXtHJgMiy+tMgrNzCXX4ADjLIK== zpb*cY8@Y+l^cRg;LUg2fT?t?34+l=ytEI*3SAHIcD8zXZeuU?n? 
z`^(3{^6=yAA66YFw%epT8 zJZ9I(80=6M0BSz0TXbscwM+W1u~DSiYzlIIdX=vyhE(v8IO&o$JyOBT!+C+0Fc(!c zr+Y0Gr}|u|9Q#`Mvf~Q-_UQB|L>AA;QcfS+g;rE;4ePLrhL~gGf>v8Q?u^~q$-k(U zu(gOs4Ea838};lKEVp|y*hB1T5v2i7F%G86MPA~}sq1wx`U@7BzZs$D-}>eHFIbo6 zG9);1xQ(-8|0JbI8fVL<7KX}gOmIn#Q`gDS!l7~*Wxx-y>I*%=Z_*+x3HEaC9nad( zgu|PUKgN${tN55hYFDdD3=_VM@RiW8AC=l zZ-bJ>P^14KT}2TZ&osG<=R@l;crJOQj*BkcsRYS!Ye}f+X?OUgGWE7e7hL-E)FL~7 zVv)~jLD!Eau1e^X!xZIR(A^Eq;`zI|hOHVgmOM6``{RXqVNqlEGSB7o9<45f^Rbd&uC6GB% zu?@&x2Ui=SfRcK3HKbfK0p;tMhB`CZ$d?OBKyS|wXyrd!(O$X!;K@VX{ z-6v1t4V+_|@6-wr*`I`V$@i9t?|hS_&4hjB_UqElb(=9HXQ9zgeL~FSW#yDH6Gi`g z3fpD@B#Nm68PS=3#Ol~IO>kl^$e$U4)5!u$QyEP z%&ji$JTc8fqoae(AN#GjCA4JA;|R=e`|PE9*}e_GZ`bGN z_y%Qy_kY70)?}Chaw7od4}T2yoO5#*r+WRs(|umbz#3=!JrI3<2D2fvse*^v@pvF# zePkrTcZ`H4m>h5%Xw_5JaFkuUWF*<>aKS6;VM^T3POKe z8yjg}XIu=MUwtB*vneygn#>qmgYyb*vEtn2M__QU@@hGO53SX>n`(1&HRn@(Q*F$L z)^u0UZu^(*P>~WeSDzBKg1|N9V*%qIB`ll*$j}h)NiX{pbXJa5=aM}?BhONWR*imy^8D0?T6kZ zq16NIS7oeFClGBQ2;)0A2CIth*vO_~&)HsKQ7t!zRvA`ks<0EMD)Dl?B3pkH-GxGE zTc>Cr7!r^qi?>(j{*q)B53~>aAgx7MLB`6q_^dx|f=0*C6nA;x6sP=PaPomB?-=48 zRP%6#-d1ud5#{$sM6SZ7V)cQv-`1jqSZ1zfFHl)JMUi5~#`IV;h%Fi00J~_*yjb}; zg{?{OZ_A`j+6(pEYz8{`B(z?wMh$$Wp;3p+;*e`FAoM!M!Qi63d<<4qpi$YV#|2Jk zbA{z^595t-hcF7jq#@9MB2WxwNC3}WXT4%Hg+lJ6%y@4h{mm6MZ~n|Isc zj->rgqICVGSu9&9tg2zHFDtIzKqRlY_SZZ@nRTGXzuYJTkyJuwJ}VOk&lgtyNhK(d zIpSmdzVr~k?|3f&mW9!auAFqPt+mTQY)Q<)kj9EPH_pJ9r$&ZcO(T`Ab#zdwY(Sm*F@ zKr-3t3F_l&-Rb*lxE@Jmt-pu(ObiV`UGgRPW ziSy=0QcS5fU2f4BQ!y3CfT}6PPErQb+C@VrfSL7<&#)v9AoK>5paM^Kc-;+q)%0fw z8B}167Dj0hT$W<(qUbX^Y9vwNUSi?YufH8DlMYjN-BH4O_2mG6fhGtUiRYm2C|u`d&#^q&AZe6${9N`hDOsh%@ zMVRH1vvOnUw89pHNycbB0=Y*daYe-xoDOZ0<;Jr@>@IBg_h)i<);>KI8SUuc>-v4S zmX{|CxiDF$+btBC1e#nTtOfz8=L8fnV{l*-&YomN{Pw;zW#Fu zY+v5&IAzLK^umr_U88=AWzgF<0<~%4>t)*|a}!I4pn`s3b>-|k$^py#`6D!?xpEA! 
zcy$u1%9(!9bmF9Yr;dl#&-EE8a8MqP4@8s0d|D;UJs(XZ5RlAHCfJkL1(b{6>cNV1 zSLNJ;usiq?MO{C7TSee2pDVKzv!S$i-bmTb{cA9=4dpUL%nS7zaGHkbB|$(QQ8Od%`6od4c71}28BFN{E~``~ zLKJGOvBVJNpHoYyhRlMZ`Ezo5AAKE{P+T%Ocu3WDqBW<^pfh!aD%>8`nwTy%i8tlr z;i0QXldzsDi&2p=+U>B=qu53`SDIVk)OsSUNh`QQyTfna}$~B_kY-$^B>9KUG?Ad-rWZs{(Hj3 zy}fzQ@@9q{?fk{Xy@ee8?7zRsnN@2ez`gw)h={q+9Va;^TPHvN#8JB0PUmx+T*X{PP4r2~$z_ye9Y$DxW*kvtxe3~Op)VEoWfUJZ^Xd0lMRoUBBK%DInmO7k7f`!laG*Da#qtl zc_vGXS)Cb~Kw3>8Tvl2J(2^0V^qe%;8<-#pEK!*&fUK4acuZ-83Q!g$8lMuB4pYM) z-MgR}n@{Q2XLrl0z1MVq0VD9xm}@aYs5;Z*uluK0e|6Fg4VOhx+kcR_T4~BVdGsO8 z%=NR|75~`Cs=`{?bYggP!m_B`rarUsZt;cuDWDIpvH3DYt+aI5c$`prwcCW&zM2AqQ0Oix;tH|R3aKeh;uK@eo(KK0FIwhsh z>t)S<+_)H;*GWsOTNh|sqfRD*pZuW3z#EH!=DVy8*d`f4gWqLb0X0V!ug00zmP7pN zQz&s&A&v;oK{x;-L9o3sG(B0Hev9fNc2r;%kZr5`bhs!lsYW20Dhe%rX3yoV5BAl7 z1Zty6_QdRsBy!~&jU;L?kF0S5$D=#XNhzh(UQ@!1JM^V;G;Ek?MduTLJl#$&nzK@i zam-&yk30GBP=}9ex5J;_l7tfCnxyu{i-QsP!Kq}2&L8>Ze?B=?0_%basHFzfPj=f9 zd9jGwYOS}XB^WvPtK+9c+Z01AQPThl*5XT&3$%=a$`9`n?gH$O|Lnb8VChtLB&Q7F z{1u;nQhR1N6i`u+UJ7=Fp+nWXAe~44cM@{n!0;6SbR1H}#7oa+ECL(0E;TMw*4pBG z_sr}#EbZjkH2_PQx`u?WH^Q4rv*_Fys4$;=?{M*HNt`(m>vXaeV^hnkD~(L_90a%4 zlBfLP>0?&EH~>wsqfWDx{csm&gJRCK+eRDArYKP0?{sAx5N}AemKbPh5KQtw(gO;r z{TK4+Fdd&}QZ|2+cGOnZGmI7`8%lzNgq$^SH8WjGvl;+6dXUYU5fx?*Bq3^Z*zVNW zt{YLW24Cf!g3#r@6{SE|2I5gUMdo zZ=|87m>!}5edF#jm=R9P7p``V>7e1>a)=$)()cs;DuaPURuCQl-VBw8*X=1K5g_ zRaQ`fRseFas?Vdl645j^ooeDzRoQDkf}*a0U;U0GS*5f8`8SM_LdU~B|A?FR}&Gc!6gp=v&p>Tz5mj$UG3P{74gX71gW0ms$q3w{yuxNYAu z8x4;FAfx9fi6Y#n)9~iLA>}@gF*5QI)=CHCl++rN(xUn&)5{+;7p0dFZ*Vs0ZV^>x zY!{mtX(%#qh)uOQqehh3HLt6)^u*g1Nv63A_~lM~aC!@`Vr9DzxE9wCh!1vargtDx zI6F%=jt@}|bygd<7-g8#@1Q4%o6*!_?0JAI3QIJtNv+hvR8vaEgtSDf>w#Gof+Fl0 zem-LW0n;=>#z~m;qfp5^(c)LU1-@>{|B&|%_dmOT8gIe-gv&I2%Rca*+v54ZhC8!A z87D*qzYWl+VbYJ=r|}lPV=TKKe=<%2PW9xvIgJ6Y|Nei`zGE!^H_?k1rES^TD!1wC z;_%c_hmDo^_Ih>eIO-vwGTC_Lv$Vumk>+hdTi$G~(DdSj>G`8`i=3X6ngXG-pmV0#!|AR{ zW9nU?-h6i^AxXH|lzY6q?V#D*T9s8_j^XJKngK8Je5s3RMxisQX(lswPFZ3fw!yqW 
z!SD=c&%>SDaA3)AO~&wKPl9OIDL`zcN{lIP%HtR0*GG-Dnd;}`MPRZ>HfqF$_CKk4 zx5t9-2lGvGaLE{ZgnqflymSw?(O&2r0fIXw#7^#$bkx;Q?3C!PC!U$>I;P3?v4 zX8F2&jQR+RA9=kz*hL7-%JqJ@*sH(R8Fi{% zTdmR3XO++10er#mLTgNjEv0!va5x>Au593m*7c5hNXsE7htd(eKj;Ta$@I*^lww-C z=}R>&{=77JL8=MYcvREc+o*eCNUV(=yO7TgX3>h5max8fILAzFeC5^^8%$d*CMVTS zf_#t+U}bEe64tTdFU`HJ&lo-tN1DhCUrswwTD~~UrEMIiRoOTqDCR&gEO_ew1kKgqCAh5B55-6MN$M%(qF1>_bELGR)WB4lK zUR&N_;g%-T41Rv%Zkh(+JIuTC%4EHV-B$HROTU)bt&BzMpSeK$@(2u5N1Z~GtjhWf z4J~DIiAIctW-QU(2bfzxRz34v3~Me**#W*3gy;H8Q z4nZ2RgNROnG-)o8-zj~>wkyH;&bDSN9rqGntBp zhM0*3kmfx@2w3y<&o3a)ySJ*cbjznx|O)wWU_knu)RF| z`|o6Wh~aopBljFy55O!|ed(oy>Z-o}sg~Q8N&1iPz=ybF4wDwXA(b;TVX{bF{WVi} zn5i0bUJrvcOm;V?2Ps0EpH{7OXcI#hRL~DNT~bN)`)@C+;8P~Gs1xPi zVN=p-we+)wl8eyeH&~Q1M_H}A+jSz{(b(MQ*}#n;3+}z=Jg!@d|?`~cl_1O}=daB3T-NCyO@r$&ABv9z%Q-dw$~Iu`CM9RkiPc#9`> z2ygm$w2J}gkLyQIUvPMMy}KY37g!?f9=AQFFs;#e^14$}o*O>GsC5w+Q}GmscJ(A;N0 z)F9Z;OeBcBY)sv|S|S6*xL#c^nyz(9cW(_YVe923npM44zf0Eb)PgUn>07DJDyi=K z**CDDcFq##R*b-O30P(+b$Khw^LP2DAZG2hgo=mQn1B6eAv$UuSOJ@H(8%y54Wl@+ z`{e%vK|sF0qWOq9g5%sES1;kKB(p07J4?&5;D~R~&HD^4)kTL_CIjj$$QO!90W2b? 
zD=Koi-WjA;gjolDaMlq-DXe!;03Oc?RIpnX!Bg6XVAS8xqp({IBuGK$tS}iYz>>*% z-^s}W>8S#;7*`DSUKR|~0_~(UiO*_I@WC;2(q>|JPGCfTPIGD^ckj-e^kv>tf0MIeMnPhuIx4+!xNMqy-ewUI@NKj*@;JUC5 zLm_kKg-$Wa>l$-y_2;4#ZF;x9&1}>%?@+I$L0vNSTTzk}7J!MIizRrvCZu8oCXSmE zd4o3HF)*`vX_T(zX1i!MjnRw@{61C-UZnZ2xgtle?FK~v{2o(`AA!_vIRkx=H(cZ< zpW2^zbXE>A7`4V3`2fJ5o)maSeh|b>oJ#@GnoEBGQ7}$~Q z0F%ABI`4iR%o&rl%;4{Y=4-B0EU!X8cWl0r@`juQLB*$vFV&f0_Nksh98!>r!euRi zDJyE1XbpqR+$>-t5Pdf;EjErqcNq|IS8w%$-88#f^)?}WJ+fVIjRm@e4i=qw@0y|V z`f!j)s7Yl^je|t`OZz>NGpxO0kVr&#lF(A_1MAi%$50w=NFVzikWRrw{Dv*c6`i7) zt;H0`HLKICq>!dQM{5F7XjYAzKU%(EP!RUg$a8Ngp0@#P6Hkm1T@-W)C6=}8Du8pm zoJ>jpQKESEBe1g$7ZskikK0PnpReG7#Rd5W5| z*AjHE4QZ}A4y#11@QS6H-j z18X!P{{ZpevU4rM%cUcW&WXTfm{H-t`)X-@RV3#Ns06Id5KCIowZ6m^F-tsWOAZ;L zgQVS+aIA={>7C#;!)vnU%M~i|gaTp!u~Fkf(&1Hr6D%uoN2|5gBxtsRur(DVZz@0` zt{KfYQ&rPi8#@eB{)hP;w1(_}`@Y|3$N~5LfcqX@(F5-L(5DW#?+4uX1Ma*39B|*e z&jI&+>-p@EP7k>6!y`Q4z8`Skcb)_8`vLd8@1qCYcXGgex6c9h{eb&^zZSgOeH;YApN3=kMx9+4Lw18;a5gArb0GMTX?;-VnfUK!b23Wl|NA%^pSB_JL zEq@E=5?tRkB35!|ltdJ^AA`bZxV6*OcQc2+b;~hBs~96g4m1%ZXx;&X0Gb zTR6xqX%j^!_?OU@ndwO%uM5n?2|&EA%X)*kZUz;!QZ>m6&H_oDI6{OKg!fOZsv^vc zm6@{0K@%@)MS@5S?EvuAB2zIM^n`KO^1+;r2-3#|Vc-|fPhABmt>@whK zA2MFS+1_pjuuFjjjrKQ#vuyLKj#Wq3UE_G1zIIpfx@NG!09h8;VJ@}{l8?JtTjY%; z-V)V!gvbL_(RDMgI9refhlDFgVVWS43`O^YQmlgU8?(aBBOo-)1na618Le9_5(@qJ zf-E65$|%^sd-7j@AoGpBT?Z*@rLmSZE!-j&Of2;tfvC~u^R~R7g!wc~Ai<@~@ zbvVn}?U}c4(?Tw1Jxxo7F7v3F-@~G^;MpdLNiA#=S;;$uzU$$zcr9fq%celD@hi>Q zuwsp3yA@5n=P9(Jmh_hNG1+l;h|*-28*ibOVZ)-x+Ow}{QOs#}b1h%XrFth`R+X%} zV=t(d>Z?ZF5IGE7(+;bUORYVYO>L8p`xX?-ugxVAl*8RgvyZ$rM@@kWnn3=0hlQ|V zV7;tgJo()p@t6=G(c#RO{}oTYXQm(a11Zct>hi_^FF{cMcSGSH%Gi<^cukl4ZB7XoxkxEk33hOPQN5!J$RO*&Zb=EwesZ z1dln?AKE!}&$RxHJJk58z*ax}QHBAGJjrl|%}}~GY)47Ijm?ID-_IgE7_ECoFwm&? 
zzz`+#lqH{x4-HaA8X|g{toW%$b?HngXJw$0)Tg5V9qY2QC?)U zZ37{9bVFz*8gRtn~Nh()M&+r)t*mJ9N9_VmdwAzEQHTcY)?6Rmh| z9%Nh=)_BC&-XP<8sKwmkp2DxR5y;vWHIa2c0hLH=m0mUJX&;z)!gS-Mx~iGq^Yr5} zM`mshzbADg6E@%P5d{8}kB-O*e)1U0ry^E2JnYw>5cqPGkRym&#YXmwOA$ra9x%$u4pamy!xmKs00@u_Ax6O#cv-%KBVYS z?neCuRVY)X_<|2|^;XqnyLmeWj^Lc^)?^G1z0YNStX%zu9~?EtGFI#kQp9W~i)Xf@ za6k?I!D76yPBC=w_+?^nz3Af`G!C+I2Kh^qN(IS}f3#a;!ACUQr>{ z`=;pEEzjLvR;(;|M$Pwstl@iquk;uHZvOUT3t@(l9|~P*NN=8{r3CJoHumijZ1Q7; z))bVww!D;AQrmnz6b-k~f>m{oJ2S9v1sG}othT%K-L-8$={mA9vxo#1!w@4c+oyfmlB9zXQ2zFO&NQU*(1Fi_K>7RbR!w{lk zqsj8xcP(ZWRV&Crl@Jl_%?#;gvAVv-U8V2|IVolCBthR7`UH(4N=krz!uog^^XX7S zZcyghqyzGF_C;St0LJ*9&c67aS-Jiu-d8oP*`g_~SpBBESv@qv#kb)cg-~XKkU6_z z1>EmH#|88PN-@p4yp=Y&=~CvHFs8B<%bNni#iQgj{_?7p6+4}w70Wpl#@tkRwGuN$^$ zD}u9%nX*W|;lR$;$1)$ri3h|k`|TSx0Cx~kr-qIEt<)nglhzm|^=PCNdCRI>&hE~P z20PV4Xo?%E&Y=7M*{|R~15>_!_u?Hi&NJvdjnW6zv>BZdTJjI9QUJtt!$m$J4bQ*o zk2^-zMcUAId~L2k>E755o+v|bS3r6y*le5R7s4M7djy6x->H7Xm_xahN4%z`>4#2h zx#n5?2*2vZW{w?Wh@5t7pTRsgd^KoK*|Xkh+cr-4R;WE*&`td>;ppK$dvTC=6B^gmBjCQGv?phui~OH4QDl^>v~jHU@0EXFfXd+n(U zi5EmHqjqCcbb90%F;XNTF6fb zEwnAQToEPL%xlWO27Jjv-VN$-Ca1BME&j)fktGubybgjVg3waSwTjc)gsW*&%QdZe zMvGz)=gNW$mla>riWeJ~;f8g}FcT>V&)K?^wZ7$$sr+kp&^ft)LRu;MTzjL>GzTE# z1!t8)1#l0gEx<3Otm=N4(;grry=rg-T}>w#K_Vwht-wN|j)OKDz*zLrQtsG%lAXF*76m0`5ZNZIuyZXu6_&rX-vkAv z1Gh`w&>Kdenc+b5K0QcB08@+2Z%hrB*R-poydp1{)++Tmd8YZSha}rwGSmqT_|5L& z7)*57VikX9%*GfC8^Nm~@Qhw&XL9$RM7JGXnz#uzHqNVdQ|vzSr5IFg?p9j!ZufR; zM`0b&Rg4{ewaSw9?sF`&!fsJg?B#uDho>%K$gP23I<;3~V=Q;9LHs}Zt1m?k7}qT>JK9}_ z$F=Y%`{bGt%|F8XXE@j&$@AA2gjUN2gR<|mjB-9w8*+hR-#(c=eL8#6Yv1H##h0tT zz|g^Sb?{vMr+Kda**T>V*|Bw`ak|O|3N6vzU5@~2b$ zBh(B5Z?=w&-NP_=xhJT@ed5#@c(L_(>!Cw=eitV$^<>at^^k!NXFWwm_ug4qcBAls z8=r__xiyq!KrJQI@AWLAR*+o+g)QR-r<*a!)EQJ2v{f>FtpdW*H7h6|N<{4Nn zyGQ4RZ6G&5yIbpR#?huW^7Xo@A-33$5E@ML?d2L+6F<933e&X0HhIu1*!lEewN*+M zZ!DK`7oKe(Nxd`9Qs%Rstq#1$wcEIqx$6_YlLAtG~V#)=QGN6-^ zx?(9^!DOvys#Yvft8?Gza|xHu4ciQCcVINTr10fy+J}&VQs@4D${;pR8YWK?7Eej* 
znpNT%`Ja;?e*0;9`qjzF_fMw(^|#-i{4j$beslWO=_mV--=3bHoP7Vyo3F1gU;d4s ze)?WC>l^&nr<3p5%fBTOIX(UA*8>CE3oECqJibQB-_`@@v$LijAt{4m8G~FvyN{;! zTz^Abfz69XtDhZv=4?#`U9zcr*|e?XJlo5aYA?D2ulMpVv7F{IOy+6aD2XX62rdFMhY{J?t9S(0Oe7{zo)Ti~Q)u;T^-KWjzk3FPM*1RaV%|f&P zU31aYP-oLrisW>o$Q@%hifkCIR8Jv*cYvRKvght})1JZ8JMZV*`+4R4y!L)p{_oZ4 zSEsv2H6U0j+0^W^VhjE;Vt8EZCDflLC49WIQx#is1>KSWXm~|MUi8D7FQn~TXz;&{ zk@f9`ag>^xz69d7)p6hw_eTz!@*&@zi81ssCB!93=BR`2qiacgTjIe(>lu#!G_}IF6wjE z*ryF<-^WlI^h5S6#|_)K@^Dxe{R>xi?3MyMD91no?`fkDw`$45cgtKcNRj|n(Q`Of zri;52YQ@VKE*pgylU&%QTva)O7iWih2?_=-*Xhpab>B3~JdGv8v^*j8P z^IsKS^3E`D2XuJdvd9$y)M=x$38iP>Kyk;(PC3zf@itzIc3RJIxcv=wE zl-99ckfr{12r!if@S#<-(Rw7&C%UH=SGKp0BJy$zxV#wfL&I1 z)9P+IolZ@sRY0U43dr~?ju^qRHkCD7E3Ab;`(iZ=@kzzT%x|V|bY`_ammARb$=8bn zr4W#MAk{1oedmhYagobAHITXy2iA|p49)3y4h$9ohV4e%dcNi|iEIyB2)5}D3}4Pe zOKtNk49}Q;WOJq&m3=G&@YE)K;!+! z+o7LqamgtpfWQk^^mb@#g(PgT(AKFGgq16{W)&^EgEFwl&rGi8#3bgf`_p2H(UU<{ z%Xww>Zg+z*a`aBTm$H7t6?$6tw!zFsZOEm8CF8ZOy?9+uD11A7i zZtKu1fX?qNdpYEuOF@`V%XOB0z$(3Ce=o7e0(FDeU;YKh4j)My`}L;W8oU1TFF5vQ z@JibmyT1LpV~6YLml}J-H>+5d$#r>I$we<_&(8GFR{~!$wPg0n-RY&E&@(dVP64;k zo>E{?54)dikQpsjQq{rr*jbb9ueDtm3Ds|f--YVq@Bv>MeAeLcK!2YWnGa3TYwY6( zpEJ>m08K5KTURw(SZ{VNy)w;aEdS>(#`>%MdpW0+p!lA1fb*(ejBIZh)vQ z05YQiM~1xs7kK!&B1f<7LJu1A4=ss~@ZD}dG1Pv;MQ+d*6DR0kR8bFUV}^KwXvLn9 z9|Um|B-564fXpJe?@?=swd;c<`(Aa&+WeOPwq6jR_^klG&|{ryvuc-uU73DI zAW15g4+goga$qkZ={d{6^OB;Ap1YI=aIY(01#KJV8LLLG@UX4cRT3w#+a@GNdU|9a zpv#7QeeojXBDU_n6TWD5yi<$}VMJif)^qd$s(4Xh53I9;NNIRJY|ssBvmFIoNG}fP z*0f>UkYeE4l?O`^vXDwamgOVFo2|ydK=$h3Ie0kW5^*Hsf z*pLZHZ!i@u-j_ZlXC`?VA1t`}1CQfg<*d`7C4bL64Z~97+%ezbm+TFbxw!blxMZvX zwcA(eSS9++y8Yh6{=6Y4NiqSatMl#`K`xo9at41VG&f zDQ>R{TK@N%n6aC+nv^)3zqH@*n|Sd>r>k-hd6b|kf8=PbWR)e)SqSBk5YwHq9WwhuRi-Im^BFCi?J zKPdg)hhyey+vOeF7$_7jHWp^EJRlL_T+eke2;If?>~C>^ zCW_V*>;a&Kpedl&YzdSpS@Vy2WIoGeDT}JNP)ITD|KjP4kc-v`n`quk8?x8+UBFk~ zvieR|H@F24~i>+L^ZoDq+Aqz+H z`obqE8FuZn-~As+jNV5FcqEr^;Ex8i^gPRCBT@iSuXeuBccpYc)iYw_KKA&_fNEjk 
z?`1ENcVHC^9(-)@1~uN^W6GeNt>m3Ul*h{YLHAZzdCIxcq8*wGUWJ{9VF1D}+ssHnSGs2FvH+N>H*&C(XgXqrVZ<}j9QW*3Hu@TMn&rH&3sV0o z;-~$3nLDsPHYLOQ5IiRMv4H%uUS68rAp3c}>8`zGXs*c7k?ktSs0iJpR%#e$_p#Tc z4#(p~HU#ocypZC=kT@l>B5&9lMmQ2>WNXhNTSn5fWW|4CfUGjSbwO~QRCt|4fSqkd zal^A0KrL%pc%U>8BC`w=*Z}MOFs@^+h&{{W{3nJ8Sg4h&P$(4~4H>A}n(7+1 z)iKGn2ib(;N(%Ft08Mi;+~DqP7{kZp!E1lc>O02pV!N{I6gn(UO#oBb7HX(w4fP;6 zdV@Kr1yIL#5(_VuGT%9Jf*1aoYqJ51$Vj<@mLcFY9}nuDem*`sIHx@Uog)4>mnEHa z!PyVr|AupI)38ajF?I#H`6Kj7dpdz*gAK555r$SxFv)UQLV&j%DLnnJ3E}ks7Ub7V zu!?6}(;130bbuiDl*?|Jr|wo=;vl9wf7HQ1J2)h?nnSyhbj}OJ)|O^(n1PG zEm&+d3x@Ao7HL#}{F9!t{@#C2|77$~_}7od8TsSZZ}AEX5QQ>L@W z{bDT%y_MWHr-oKYSQMYTf|(6jbER$OkS%{@L{z(+3LP)=LS{ECH!UBr^_6|Y<%j2C z-bXXXgbJX7MVswYTMecckSn-KYfm1Bc+{=g#If~?Vp7p4t!Ct{tk$$B49u@l(1+v31kaMQ5GT--oV&(S2Cy8PI8gy@y#ZCiG_eY+-IUBL zdBX(BibmBQ*l_E4ZF}>hYtEDmh7=wvo7OZ3j`^l-0cyLSe0WaiqGr&=R4@6Q4F*^V zy1%i3%?|<)6Sbx~LD!v$!3bUiGFVb#p~N}2!lmKeMzC%1u4!*#uqE22VsKU?(vsM| zttEP?yk+WkH{y_dV8H4Tr9MIyGBu2Q*7?Vw-RwUQLC)0Jx1uto+k3FbIx))hh;;

0ZeUJ-bNq`cNaQB5i?g<-BzEPdq|5m z=Xl8?2~{Fflnevg#Y0XQiOf91VUAC z?B2BBY(vz(Mr%B+2~%TS3z%o*HystlsHuXMYNZtq1cp3O<`*-w3A39&!VYym9tsNE z=QleV(Mj*wI8A{>!N=+2&_ozKQnm+U+e8l*%H$WNZ2ZcPDL^;`p=>9vyS_6X1iMS1 zXtgUW02aN`@$MTFh~k(`D^^Y6Tx@U=UwDk-S#}9Dxv?Vk_3N>l8*AH8yyT&7iT=~l zdCwM@2HE-54)p|@?*0BK;VSKro{2zLq@KBV>Xj`pj|ZR16$!$wZa?+Th+5zPe-*vY z4EXTrTwebT-D2@Xs@;?G z4Y#<;dw4{)WwkesK_#;mw>2Sf5K0oUAA&@!0 z#}31SS=X|OKDcHsuw%)Sv-|oOvy0_1w$E-x<5uMKvzuKkFR^{5u*(S_3nVgb4>GFg z<1+>+X#45Nzx{O{Ej+tT%#DIF&=6|-aSftMSvG|&ns?wb^$G?$!E`5wo|b;O0~V1& z;D0c&jRg-!e&F`*5+X`FYbNC*IoZXoM-Ygx3|!dY#(ocN;b9rIsQ^Pr-d# zqbFV;KN}=OH2{BR+w+F>lIj*Q<19#S z;)a=S=m5-ziK=)tZVxj}0rsq_@YZ8SL;8~TZ?*j^INmscK)^-AE-yXLuw$b38k(2YHTzT*HEYB3mFhsf7T93|{pH~u_n*-5@9sa>?J=m=W zyS4lLJKL?EX0zuMomSL!vU!u;^N4ySpPAD&S&iz2NWd zTfeSoFm2y|+MY`;FVCEM+bVnXh_TuaaAB$U?PFzP+xqWW#>zU;u}*yUnUO1oCPsI< zB$rv^y2vF`)p9szHRXkB@4V~&TQ-qo_+A_91Shzh-re>e>GcV;gx-F-J{!LkqDyf0 z^EYGtIy(a%2p~dlMQDhI+x_xmNrkrMUr}B(gDK+vW7(n&dO*dD>crGX#nt-zV7m^` znCe%rsL-1EEtgHo3YcuyrbZ0`;ST1EtoU+e$z`;p8Lu~{;Yg~14q8Y}>qfQeBj_Fw zgnz&wt=sX3))GT4zPF$8Ex!|mg@miK81X#|)$xdnbA#m`=5jQFq`Y@NCNblB5%D#Xr{fXw^PhE*G)?Q~GDqtm(e-PK<#_8N?O*Vs5PH4KB$Upt9IeVLMCQ=Oa4BLM8x40s$Jd?HVt(Kpm z)}HA!BP~D^T77Om`xteRR-oHYdTY>8rqXsB(MYS%?Pre*I<1xH_LJILbkyXx+K>*k z8XadPhue~lYCXFB?6uhO)}-4{a;wr&3)5|DI@r2&wEG~^=5!eDc9>*B+tY^`=1v>b zQDnm{Q&Zcb?ob^g^UeJB;mh&vh<)5Cp^nbmpN;hL+a!=W81nW z8*iQFuaP#di9{pKV0+uXCX!BT4(r;$j_}Cu$c+AGv56GN_H5sN9?PP*UkbU2EIltM zhIz+EB)7lc1E-d-I#(W*HgIo2svkOJmg(1|6f}-F(n$M_%*U=^`$Y#?-9fCn4WWzp z4 z=XN=ZSxP1Kh*>9{_V~p;h20qZb0U`Z;0KZsVz#W<%MZ^TWMKg62TRYX;!F+VUek>Q zQKPOeE10wnQM#L+-j*Q@Ss(y1q7NLq1(*t|q&NizvhUe4!f7GJ5<*}WG-80VL)X}1 zrM+AI(2{>ZETdE~yz|Qo^9?6k;7-Kfv7D%E#nu$%bWkEVBM~7607cLhx?HhJleAeR znH0CIsv%)wDfmypz&wt?!CQb6p#~o}R2st-jg_ryy0KU@jYy(x&8423W65iqW|qnI zx)HqIoIzPLpEug{Jj>ZFE6x;OPHB~`c+Il9sn{7U`4lE7!04T=^OOvX1W6E1*X-`A z&C#TWq)B9Pn`Dy@-oL!M4sNQ6?jpV>X3n+lfOcc`(sQxEwAUc8vqczUBFCnfcnxu_ zBdTT&;U*hjA+?;5=b_dg1i?KFq|8hkxzFjE70;>a2ReAjZH27fsos|RZEPGHrL(y& 
z4Nlb?ix=#aR)-*5v4Y(qR!?BzsBpAwmc{UumF9f&z*)kV^FDS|@@=^#<2=9^^sqDr zzy}(7X}coSV8TAyz|ktBLoV`92X&x9iq-n=vPcNADM?uwxng5;8Q^wkMUXOEF3t_Rx=OU9O5|EF_}G5@CHh(V{65to5If zyWXG`Zp7>j+bGYo?R1YgvVsK?k=2swYYV7kv}Q|L>3^Q6OqOOZLDM*OTN0uChHgw! zl2uVmrX3)N!foBcbtv-&fVYm59?1*1cMrk_@ocT`KD7y2`o0kSpABmpthkiz*n}@U z6RL|I)g~?yTGT7qELT`Co0@RDrlt&wPLSW1IcVXb;aOD&Zv9#5?XW4ojI z&RnGfwpQcC29zq1n-DV2ESiSMbG9yJ4aO6&tRH4YrIKS8#OGE8kDUa2nUCcz4sARZ zoK@;qu%juA7CG<<+!%)A>T)4;jPW&X3+u@L&j5BVY`ZD}W!T`uE{0e;=djcTC0ah+5te&hWGv-jVgYV`^7Nj5V#mVq`V$ zql`5z1fEbGn2?;G9LU=@h&KWQ>M`)29tHbpEbdb>;YY!IdIY?u$H00TkMq<)af(n+ z#(3IAaEj?15qzgU^rqNSgs`0kk(;6?A&BcVfZCKY`530t7GhJ($cW=P?VvTq)QJd| z(}0E))3*XRP6H@SF}X5;;gp8Z6d}Hg-;{>V6q7C2@WO&dmF+QnB&60R}yr7Bvj2Fn*Mc^l+$4dm}C#?5u;Gb+EHi z$C`*^^f(wsBk+qxLy)Iq7o}%7C*c-#5s4D0Mlg$d(1;R7HV;WQtZq$RG}_rP?Fa63nL1pYeA_ zFz!wQ`5k1Q&-Y}fc2P~j+1UeQCmvuMkFS%isgB3h8H=gomLXjs3*hOb7D(@BWke8i zJmi}sg*1kavx9n*MD>2iIAe{N5r{bHXgK4RkwD;MEE3LW_=K?tIH~A29YmYt2@fLQ z?4sEu(|j1zo6!q94(%ox>1HGx6p5kSc<>JCY&nc@v;D4Qngi%I{fITmRQr%^deLf< zDc%d!W+bA`9%we>kX^>P0@4s{Mxoa{lG|VuV$HsW%c$KMi&A6oXA*{yh)}bOJ(DuU zC_2qH?o3*6E`&_ei#d}(wjY(|Uh33CYt#Fur;fvy8I3K|L5@j_@BG5JGKq&T6;Eal zESdP_HVQ|^qQpdK-U~x!)S``Kvoze8grNAnF=HOAWD#PB$wiCUrDQAAn>7_A9q5Bm zt(&t-?WO6 zV&Jnyv3LY@fFxJ$I5+Mn7w%{4zP*?0wsSakx6z7Q!<(rgNK@8-zDuvJXm(@7m(8zm zuZ=OSw%;#5JU4Mss52>OwX_Kv-YK@UQ!YGL%gt4kW@lZZyr09wI{|0q#fcZ=Y1+(ER!{n9(?SYn-vDk>m{QEIN{g&P*9?wo zcWu428d%r(Fd@AMIuZ8rC#dA+Go}V7nx2I9D1AE)DcfZwm)Z(}g*RnA$XOA(_BOS1 zM4N~fL{@&5QoZt!1ENccv}P#@EG|7ILNu7#Ws_G@G@+zbq>c2=vm!l)e#s?iBJ#U|UB(79}C zFoD2SEpKB8xMLzL1y%KBCFks#r{#)urrPX}_vTF~nu?Y%f%5}g%F?aAQQMQekGnAS10YNVA8(~}eYgAhLdEY@$$ zl%mV=i)OxOS8CO)shC!b=8%|Y{+hIIT;u>3CYD<#N$-odmMP0MvRyA#Aw<)Gnd8^c z35|GP6ZEqU;Q~mj>o{%-oR$Q2SMAcN_5}MEz1VWemHZjzMDi{n9u(m8u9;=<@ zOzo|}0hv=)wIW9yfqZ1}2^lrMhW2(yB0PM9*gN9Ew>;*b+LJ7Ncq|`&|A{0{ThOUDtj|weFOiAwPs`N0KWIBwWc?jZ*1Nf^tc9xgtJQHrg0|MWx+5z zu0!7_h7g~&5^}yVAB$O>Ep(Qwh_)pP#Qwf-{e-KXcrf$xzK;0d2LgYrWnujVyDZgV 
zql?8B+!QHgeyn^7yAvH$(L1ECkr>{o*Nz_SQC-t)g(X(zO;AAJf39naFwnGi2qd7? zRlF=1`I8I%PS|3>viiSC<0{4B^Fv$U!mod_KmB*#rpB~;eCyEB?IJV7N3Eu0=K<40 zDtbX+%ro*bh?;?yH5QA|qUaD&1~S9j*hHiRS~2ogUg@oA3N|5^5Wi}F1E=Y&eEE@O z&2ZsRl=lM}X59kmHlqyZ*U2brS=8o=4IeaV)^lLpZrG;niDmNG5DR9Iq+=eN3WP~K z|J#;!t>;|e;EY}++qVu9wPAme!{A_8`z~@UxvjI(?-G;QVqr{^1>Bdm=H;Nh{AWXp z8F}GlG~=%Z>6$O^^bfk@MV`?LJ-`O(UrAGur=`yz#f%CkdRk6UCICsRnrBTxD~qta z*?S*aHoan6jUT+^yTWt(TiY5+$to_ff-_`IZXJ{p1lzJaD;HMoxI^uwga?RrN&x|o zB|r5fxjV5l@@J<(Ob8#=?|gT^8KXHiW{X-Ou#gpW+BnH22?77JTb|XYGxGniN&?#n zwxl(`b=fu6OI4dT8&r`eT14-Ujks^uCgkJmKaKXD;k_CXkn9;*XXXH}m0p@hdAPS@H4m%Yi znQTOD;7?i2sx=p3AE0Q~b8S;BaH%kjkXIy=RmD^(F{8)rb1v7E4;oe}F5xki7>`qf z@etJ)3I6)Wskj(jYhmjsqIAbqS)_aalPW77r>0^|HN^;jQF;Z%W7STKsG3OcZM%29 z#F#F1i8T_BQ5}(97m?m5HKih=t#nABm{1F`RpXFy4hE|r_N{J6u4@?YiB4GjWWbX*x+j?Wn zQVf!{XqWyhX9V^NRH$5v;~L*-52^j=AkB86+(?Z7V@A%2XbQ-s!?*@0;*Rd*L~=%hq0odgjW7tuq|Fu_Cg@#==%C7qt*H~8T#42GO7D+c8fxbwgX>%ct% z-MZK<)3PV$3i~wb?EoM6k9R93z7>krTrD`A7wrFfA>Yc{dbEEWRtI@)Rd0)aQfe!* z)<$KE>Fhw8p{xi@$YBS_qHE+@uB&Oagn*baEv*Dz7IIDt3rjI9HLrI*>qc(=+1j?9 z0SwPw;FZIdd|ohP>uS#aiB;03oVG-_J{X{@NWqlCG}AX+yui;RYC8K!*JZ&b@OJX$ z^d~78$%;nRtQy`X%SLTf@hRS6u)-jd9A0_nYz2>Mm`Nv)H8WXKEZ##F#r9Md?KF+xg?jw|F8ZJ`9!9AkHoCf7|bBvb-iz7z$5MU<#+?4t#!VdV_w&bI7>VgFX3j z`g9nlQ;IH`TP~sFgPG~c)6-dJ>UxS_Owz=%X)@K$8b(dU23|QV53DFS7n?h}i3$XJ zr7roc17s{Kma*K`dEq(c78ng*HY~w-JtG(O@v#DzsHvL+JQxjhyotMn#<;vr14 z$vvfVXMMKT0qO$)n_vlHl4@r~!eJt0+!a+&(15`vDLnZyBj?EY3SvZep^jIPeIDF1 zD-(ug{vGIo_H$${0rF6jF@oq)-zE_K)RvZGzd-JtJFTc5$b3nrVi%swi#`)d0d~}YMj@|^2rJ;JG;AP%(X@4>C zRv|P}^ZDN=-SO>R9=`CNnM*nGlE(iA^|6*sd%5%XC+%!cA!cob#ITv*gojq{yqM+8 zDJY894G544^#9YhqF$WfdFolT%r;_eFVl(E8)&1L1w0!TdP;AsHIBYK`I1b@lT*#* z0*?`FqOY0&aQ`A`A!1Jzy(6mab-1NGbWwD*UQQ#p44u*>y%z1BT!>4VcLQ)~Ei5|7 z;N-;q&?eHI4kG40%$+P`&dwLmRd;hK3!bIr+8n*z`JQ)2ujC!MW4P?VdV}-7glMQg zh%@~U$6MGG*1D9G-;Y#m}AkKK`Tv~-tEZQeG4ve>1$5cRKEjvoyA$V>yiZGWKF*{GK>GU@Q? 
zus5Q6KLT~AH=?FK74FoEPL_!uqz7lfqqs#x4iUCVov3C`+4gmx?ynt!fv5& za|UxzVT3~HerHiGjSj|@3!P)L^^6w2mTG}51B-|ksO@E-l@phwLcVJ$5Js~VCja6K z{(Jb~=xsfkH`xuVZG5BJK*!0ZCUaU)=5Sk?l z=shz$OmCv+g_093ZY<$lXB@l&e;&4Kz*sStB4f3y>~=93v+r9MKMiyj*%qub!e&bd z_HMD(Q5Q{QB~>lxnjH-rjIgSj^YA2EucJY^^;SpZ&<@mlVaQ@Qa^LKZNUM`a6MXAW z22Q|xYd{(8jOL>5^W5xvo_G9HY0mUrv#on`K^7D>=X4k*LCbx<0JvevOn*f5UYWLC zTe)po9qQPHgOpFK`b%n76b81#n&n`A*0Qy~IZ*C;=7#s9hoDc)#MW%HJKF?f5^TS+ zkWwlIq60)cRf;dgIuvzY*o-N#AYpda*g7)S))9DdWJf$dq(8uO;)nfKF~gsH zdG_?|>5hRvNYpp{FX4Z!SKj{jV$tI#3B=sZoH{2Z(QzM)DSQEb^e<0azdrf$?2EIf zCwk6boa)(op7}4PPftmpY^y`j%#5jyZ~j7<7JGNH%1suq*~CGzdSlGDJ`9*a-V`U#pR&fA}ce*loXV!E>vK19eW@T^G9qq|U4rf{pW>@Z1r5S}6Qz)|v52wjfSX6R7Bjk;7dJbKc zSg32heZvOILn5p;+%Bklxxe+$Ds3;n(fDohmQ}Z$-JO{}gHtU%r=}6?8Fa=v`xX3W zV9M9;Uc7ro&hy-efJU)JQ<(nJGeS%LfmI4F)*G%hw1($j^&i5>y2uhUz7p2v$~0)Z zTQSr6laVXj6>SmLXpdMIcBq{Jj%hAs!FsrTSSs}A)&^t_?)*dP7cLQ)|ogs;0F* zVppt2&NX-s_El{YUF&V9WywU|%iy&%$JRBWuwCnH2kRV7N({v5Asb*^eZ*Wx?j6c$ zr7Q-{w3F_wWlio7BLvp#*~*T7ZC_6juqM&jsBae6BE-53O4)0C#j^D2oqAbNRrBo6 zh0JdB+!IZ&zHfGBD#-bFSL6j(H*tVM)6b<-Ax&+OyH<0w8SS7(T>O}QETsxNRqWdA zi~H%oKJOI6>CW|Z0eWCa)k-OiSg7j=>PC0D@$=SqwP`g*nJ)xs@&#!`+mHS+m?HRoR3=vcKYMTg97k^4 zjemcB{tA@*RFSl~D=A;cc2p_5c%pP+e3BSacUSD$({d$@0$}0Twr!gocWm3XZQHi( z?5Jbg>DW#>Hg+%5o+=H~xuy~U~qpqpAY>1DAGY=emHQf2;p(Yk@-%=8%r?NCyl zL>b<+=3NZhdY0}9J`|*(*=jcPQ*n@;0|z>d+~W z6g`(Dg}M3+?TfII%xjb$ErR($Aw0u_NNoixppf4JwH!X zUU?i82?N0H9c=YC6SwSph(0)_B~nlsWUC){SODjyZJ%#AOg%o^j^ z$kYOLf4vfpANp>{Yj`Q>#yUrXy!<66-nOQ?*Kl6dOVgoIVRd_vlaO1bFHzn1ZvBDd zbJFJ;FfGo}=Ij+SyKI!sz=01TX~0}%Tvm2NH=7%k8Pmz=$b~bq{*iLg8WaN-mdEZ^ zm)@w?zITokcHNb{&L7mn!01UC6{I~xMO^6>=RkB|2#DJ3IrOo93QfHL;ZhsqxSEY` zQ73A=55o*RZB>aQ$n6*C=eB!*xEGLkCJG`qRLN8D5!{z^}TvCfe22wb04z*O>rD zXQV1L!>+MTW+|PLHs1-$IEO|26HoXf%{+q<;1t0AP%r8#xISn{TBadG*x%dw_hW$p zYNDr>F3)y{%>z#-r^IU;xm5fqB6Uzn(k*835>M$@D-KB_fY!B4Ud~gi@bWwVz|Igk zfVf*=XzVYVUz3u#Ig>7cd+Wf!q$^0;YnOIa;eNSr`ZxiW@B9igmaNwx znTU^L$x{`)sKCs!ip9{VLAcJdqQ!8wJa2C^TX&6$wq^197?pm$1zJk=kwIxKQTu!a 
zHDfbp^HIUA2#%*gQ=(IO+18qtq`fl~GhVLNly9x=dcWZm>P)y?&A@+|sF${7=|5Tq zJCB4Z1{S!eK>z$GqXoYI_z{eYmFjH^j}Xn! zoc(gvuK3eDN7jsydAoZlK_mhMGTeSiySOG^$SvP{tcm&bZA(q8wYXzSs+$G#IXO~$J`+?jx?sj<%olN*W)*DTM|pB{e9YaNso%TUiXw9xa7 zK=*`Zi%;*dyEmhiGOnc!QbKlluJk8(i;}NdU|L+nhVZ>V9EE3CeFX0P6ij3&skDTw z)gnv4l7|QSy}QVKe_icxqkOMhiCd^JUun*QgAXOAFjRb9K1aU#Z-gG?I@vxg^9ET( zc|Lmfe_f~LJz}LecFxLqpk}KvGnCa+VaN;wCs-j~*O0jH5Yl2z!RaNeFB~JfcYIw*SLZS~FmvY!2&|dxS$HrVv#EImv zDJ00F^zsoWZ_Q5f4<3(r$oSnN8y$ZVw18a4&xcV5Nk3^jZ=sjuvOLv4j1|S765i&} zIUUm?(;;hvs0Yb(vQ9&4I;wU}k5y&Xn-e&izLBp4v>GRRb>6Tzqu-Xz*D8(U)HsCV zI9|i5+tdI@KI|iP-OIRbp0B9OGE5UuDlq8+OhXuFRm{uL*7;(UYcId7Zlf|v7Np3s zI~95aQ}*62bgL~>x~UTv(f=I1)JqQgyzL2{ctk=6r{!$ro|bb@DwZ9we@eX;$^Y@ z!Ew5WXz>r=W;lmETv&XFqadr3Ad?;4dpuKZ()x!jT<+IpXUg zh1JxG`~?v%U!IE!vm;zTbVO{(cIbKbNsn zS_Ond#R$j~Rv6S$kLu$UIfhuhIq>534zt`m^z(ySSFROsvHF}Cqw)xe-Or-bs`?t# zw~Xsm0r>#=_QIgnnJNht6&OgI&3V3uJ8E)<)#WA?0sHt#Vr-aOGnAy{<%g zS%{pj^2*NIzl@uvFiH>+HEg@X|3ceql#5`egQwAcIvL{-9dFQ(^`20LO4}Z)ipXfL zT%)MaMqRm?d7#!UT&WW^%D>OO`j5|~eEL~8?==r;WoxCiQ5cU^@|RwtCzkM zx3OBWf?;Jr#joC8ij3Mc9o4tJ4vSr;afU4aqZk}>1$G9Dp-mlBULnGf z6M=4DUKdYKMtIB>hpcIeEne;Xkm=y+ZM%%VD??E_zdavl1_Il>4QL#PoZy@wA5KMs z(UDk~_MHaubq{CqgmdEJgk-lK-`9icjuE7tNbnW16O06U;#xQfxD^UavnmUUBzb3I zsJTImGvyE<%K}469)R{{Sh!!x1YH_$LU>w=1SsB(3|{PQEf9U#FcKyWbG^kfuSGCa z1JvmDocnz#Eyr7XJ>c)<#*t5Cye}DOeE#J306p}ZwA2aJ9|+@bmk!ld!z~^@x4ikx zJ(gDT^0!vB?=YFLi8&>!4xJY+My=-*3x1DJhPa=XmsjxnVE(r6+w1+b@$>kM__yZXVSj+&cX02!Em?AEs?gV7*$pCxAk)+D zcJ#atO{H3<;Hcap{W)3YvR~+rIv?P6&jgshtzMT+(8vwOm1B*+4BVz@NS(6tA4f1G zUY}T;MF3sNjP{vjtrgAY5?`@JAY;4YKShC*j<1s@b=s5Ne5FZHzli511Td=GMjiF# zAO*2J4@=~IC1Q1ZDBmygLUu8ZHw1kxzV?GGgign=G4PVY7_ze+C1HRZEI%dioCkF; zcdRXxx5DyXcPHeN;vjE<&5m&i=J9bgDZCbGhV4;Xzb`bLkiWdtAie6yFNj@=W3WR5B|C zIC~-^fb0Vz_l4zQATUe8>Dsb|8&X7~y4#=zi3#5WqUuM2c8a(2wYRIhS?n~?c&Zq~B;_^N6%PL>nmD3Sx&l z4}h|mDQFtte@6O!UeBSii#a`%VRs;He%OrPsZIiJc4+Jg>=w*!=9Q?i6Jmv3?>4mfj#)?*(Wz*qKn2+SUpph3~W~@~R;1Y;u${ zY>t2WaxPBaoqHXF|Llm3sqWyxz0|g5Dn3Og!BU3|Q>rY9k}d>QkQ 
zLqI<^f!|Sn&%EX=fIFLX%_23E!49ZCJk2b?PvqUQKk;V=$LIGx>{uBSa@<2=gfQY& z0;Q6{g>cK$H>kS9b0l59gI^rfRM`#-Z~s8IISvB3>f<-?XcdJG%HNZDcz%XVIpKyE z_+z=hByPO>h_@!)hnL;;l}4MyvWfS$fPn1f=>`k=Xh(8P(r$JvVeffdK?pMZ>(R(c zA{N57Q(Fgf*i?_0oMikNbLeZH1|C)IuO3Ld{<{S|OPkEm0B zHoKxEZ(+)=d-~QOF&ySCl`m@WV;!7`&(5&4*gRi31V3nnT_Xc@1Yuq21`@11Cr~fo z^&{<$Hn%HKT$+zf0l~^Ubnsbl4V>$j==p2JDUCe4V#3Yd_Xfgt&-?hK5Ht&P;Ad_! zPrWw@DE>$vDwG@e5%Ryji>zJ?ql!u;Nygk09bwUl+etTvew4iV-6`{5EVl} z=}8FWid>uoT{njoY1=3Tc&k)aswoRP-?lg-4)J#}Lg8ce4#h-0Pa?KSN;sZ3#3gX6^$2r0f!CSfnv17{fEUs*$F5I|Zj^&Tb3s zA1*ja96%5~Eeyt)CFMof>3tLVW5ti4oLE(v-c0mAIC6~K4Ea1hj`nwMRyAG5s$?#| z9Y1Rk*0Ne!N$5nch9RQK6%q%WZVd58xWSW>FlLLGo0B)~Hr0vR`jAL79vYhpYiZ6| zxXA!X0kaH5_h49fQKO|4&M$dkE`kT?5LmGpUv^2Q-_nYczS-v{qf&NC>7Y`Gv8nHk zqyRHYTKc-Lm>HG)?iybw971gDFl0T4kJIX7x2 zQ{+m&Z8CeW7sTb7#Hruj7C5CV26dBAVT26BH0n0>7`e<)ol!D6f6U5m*Y{ohTwx$y z6*8<7dN60&zfS}&!2muO>uqiwG#1X>|IG@0*N|}yku-8w7Al9EQ|JqWW%cUulmIPq#+z<4!>Kqq=0?z{AAhZL zSlvmN_?SkRH~b2jqa$Akojn8cr}@^NUQm7@E0Wxc?$deBiBlW z(VZ2f!LWW@{}5hZP)Nt>E?V=!%oy0qC%23pgqHq!G`2)9<$H{ zX84M`@iOFV(C<3!?iy>eNtvuHYn{RWwx`*r1D;SK7Yx%nCtrQDsDtz!FbzLlmKcsP z@p8ApF^b4&jnB+2HD*i9l>AG52V8`*h^Y9TT({Zx+NI;JQLcTG+S&Tj^;WvM{!skudR%jYFtG*V(fDmwhqbcZ~sPOHm#=t7?y63_*TGUTZeU ziU%PyO9?bpWJL@cqb-&$fcBiuTTN=Vb^T6`L4vaSltSvdV5?`=t%F1yez1b43`(N8 zO}&3K`+IZxtT4B1hAVF=r5sPRh1oyoJX26uNS43B~+C;Xz+4MuCKN~DY(6%f~w z4bYoADkf~TFh0^fohwgfLqE|METC`>S{N5ZD{|4WjkO`k)#$}QoBy#)$)m>PH}{^_#(=LJ=twU;9Iz5I2i6FRcj`kdJF=Eg!N4ua1a zxZJL+JvgQ?pn_r^N@mr;8pG>MKwklJxg90_5mxWdZNSb_^1mZvz*@`xK5xUmjQRC~ zEu(VT%RS!RcXA6V*y(MOP2T9p=ZwN6r>ha~K~bcL(PS&)I8$~-k4i7YSEqIWHTrB) zIPWsv#IRwH`?Tf2iEhQm$P&pLZ`{Z$G6jDf*B^c6)8iP-hlI9H(B03!O2wTRju!U0q7%Fum5(Pg^Vz7^*wf#>wemV0cL9hcC82D0tLQT=yF*UhM7-t6#Jkc+a3E~3 zRw1L2&Z%}SCXsUSbrb$Y+v|fueuK7~^e+NvN|Gg;0+{f$6}au5{Ay6HDP-{{YoWI& zF*``?uq}!@n4I=pEqo-sA+@daXbet~3ZW!fE?4Xb^UQ1z*HhF(nly10N_);p?7%Iv z4_fwFyUnMMuM0VAp687-ZF4+~$HMylHk@RV687X9=m%eE83$i!m|)t2lhvfCQFZB%C|=LVqWh4NP|GthLKtW4Wo+bI2c^_GY1HAYwTSfb97K>Zxf 
zm<7?}&8&R9pB5n2Y*1U6f*q7K_&EI7etJe{qiMbA%QW3h=3LA96NekfM)J2=u5J;J zYZ`q3JCT;{iaK$PU_E8P%6Fa|*1uL>b^@*rKWsS|AmF?Pa~XQ`{+n%sIi%1`Ai>>a z2@V^PtIl^Z!?B!QBbk_gl_|RCG3p|k3U+{>D~9}(cXJ{EL!U+S5}NaCR#ASsiQ-Tp zb4#6U7_OZKbCQ2b(bQ^ZU?e2Cmz)z~xE1hvc2V;s=sCdNeUl57Ts$%SwF!+gq8U%yNbF-4yxC~U2)1$8HB7uR;jR|kfgROM;$E>A7@|5h!bo|z8l;t%a z4jF;&%=W{QuS1x^sT9qN{SKhp?&r}pm6<{-*o`v(LAD4^bnMO(73d2UC|l>OXs2;o z1D991DR|s#z2^pbx$LX2?ACh*4A-Q!6IPYWsk{tQAl5RjWvJt2NR_&|_#5^hXARq} zjR1O)7!3WV9kc}wuA>{xFqAF@mQqFUNZ0b6-${C!*E=^N2}kL;ZE?XqnT3?|pron` z&A&pJNT3p#y`0~E|69GoRbL{~ld3`onQH|p=r1Voj!v06+610IS-+GrB2^P#GBjEr z=f{MfZFU6dsugPwNAC$BBY6#;4x%;$Z`i7NYtyoZlMxH&MkM+G0&`h1hJnIMHWm`Q z@1yiCy+o1?0`E`yd!=4GyRv2?!&S{rfq(-o5s)bUc}I&BT^LT+zaKgcU-cND3cI4vc8~A#` zVRN(;jI6IQznj@AOpp0HNEUB?< zRNLV0C?x)YIT~s+5jqf<~xLFK!ASp)lx##E-x92mlCHw))*rHZsGH2bhF2QZK3P zAnxgWUMLsu`u_c=AoBI^O$CbN78nz?v#{1L$GLwbaqOq!{yp}2rzbhPg?zeOLij?3g6qDZM_)P%3iV+|Fwo0!XP-))DX&wzRp07)< zXwb?92G!GJA2?hSdRE7jU5BmrSxML6uBfpJSR~;8v;5+Z@C~yZ`G!4smlc)Nil}dp zp$crZDZo+6o?caq6I+UYG{nY$*yD2DZZRqAb6mRV5cqi6ihbO+X1nDPNBIuqQHL$i z5XLwV@;Jamh*<|tHn+aupPbWn(P}xe37q}oLNvCyZaY}~_;|)Q36$^oW7m$JfD6}= zn(i^VI2M=(G+e@Fwln&uA`rV-IWZtN1>Vt9cx+q(AM` zlbb#tcYQFT3-2Ae@^^*aQz#m3j>EVihqkm8xfj2LShgjzVe|L611_>Dv%OXAL05Vo z?-zXnCX`T=zvtQL_9$-QCfG31#H0X5zZsCuS^_Sd|E^w=h;&}o<5e&H>4esel#&quYr&4=D z30BfAgmWS7d;ytr-f65VYbsuksA<#KbMlYLAqp7z^u9}nQJ!$;tT8QA=t`VAT@+Ym zh9xpsN#7MYQ~lwODN`0}PTExvGmCX{!V>rA6UY&zxLACepf$nl7-Ez8J5|xgPAa4rl^k-JD14ZP7N z{^foFgDY7}v9U&`UW$|4Dhn1cY0OO7G00~TAJf7ltx$mpw-9v^uNA%ok zKY-b^*hr>^)9nzdzxE(Wu-^EWCbf;|-3tt)7PDrG(fTXD`KF5RR#d--6SJ zRyJ@R9cOTe7=#CwV?iuyjO}MxO}vX3$8M!`IVU4?_x;nQ0!P|wv$sG`B{zx=q%xCd z1@v@ZpORp?7<0Y+(s>(k{#JUlcy!-tJXH``X1jX)^6S=V2zw|`dvT)lY@)MOXY{S& zwxR+8-x{8Mc7 zq==CS&bK`w6qX=%dvEaZj6|@hz16FMb2VWNhm&;lm{w)3@9exa{4`U}2tE<@9=g@f zSbA@_tA5e6hP0jwykwwf$4Q&z1!9j=*)>UeWe2_>NN|@l2OcI<>s`O@|Ix#Ysbtmj zavQLR{L>lW@6Y-adxayEk0MOiOXBz#YlmLJk~4f>GaABWnQxHi3TY0tjG5NP9ZG;O zGSs#UGc@~KlG{e{=(#^nA8j*xW7)42O;@Kg=JJBm!ooapp|4~7jUYS{XUBN>3_73= 
zb((*L|E>9u!+yTyOUwCZg*@!=mezXz_mAVfzVjewrB1tcKh(32NPd)=_i&bul;)+8;kPqYvi06;bkEz=z;+Aq0YKIF8y#*@H}sKf zR>i7@niQ!PD-?WgJB3gMK;XMnt2ymZ>8HLFQ(+G%mh~R7T)5jkXxmWw#n$uslA;j* z+gI6GvOS4{4-}A1hlW|R-Ht1R_-KP8%?^Q<#Q|e}L zW!h`UkTXBNmMJWrEcAH;Y31_sBlLMA?siYieM_;G@>I1u+Pjkdxqc{u(2R?2rM-q@ zVCz*aaNP7Rfg`#h8}BA?P0RHHpBV3cVLy?T!fo(|R_5Et&O7ro@RLYf&+v_P*F>{2 zeAf}G_w=5))y2m;U<<=z|UF?N$3 zA*;sLpx>jsVg35+z;9SOO{J3WVKS;uJpt@k16SP1k#y*WG+$BexLuK+>6jY;-{22z z$qJRN$;Jp0vaLk6&W%OL@+0$1!{wbD%Q~akL*;DHx+2ue;k;7y(wJrc$h!VQVoo7Aa&fUf9}~vx-LETPc*mS+F23r z#_gXUT3He9i`(z*MTSyd1P&RZNSiTVHWw#h6aF*QmKWS*(>KLVd9J2VAT)|c`em0S(M)Jy5*nAcg(YV69BMVYDqDUB4u;t8W8YZGap2+WvOb6 zGSC#jj4}IaqLEzaWYdJZ(jn^0_~tDds_1-?%6|ZfRw`zs%-E5;dHZ=f@G7Q%t9qm+ zhv`eKdTxfwK0O@zorTis`ZI6kkr57SYLHo7?P;V+b?iw9HUc~mEgd119ky`eY)8JA za=amq0#I%}b$LSy*A}<*WfIiP?@ZYFa`J1~uKa%n7z+nox8YZljIkQdcrfBL2DN>x zm=1ja?9|rf?^`d52-#7-c=4}M`O4}R>SZvCymrRn*9R{!49d$;!E@5Ix1$2~(=Y@s zDmmZ|Bh4*Y!@ncH31f#GnYJj&*&9%`5st3hyw(!BWq#kLaoCMCApp|{n5d!{IO++! z$W2})FZ#Uh!R!;61Ac&e=mU(j+Jl$sWDtcP)bZS@-?xhv%U=Di-8rg*3MRMjUWW`*WkaeyZ+ z7Ne+}mZce(&Ef6N`=a`gZ5@nF;HWqqgS*Lw{2LV) z3cq>D@}4OdHBp{#36ibZlLK@t0EhHs7vA<7g)cSV0~O)zRk=m$2UO;MA0fUkIr1o3 zxh??50p!rQsxS{tA{O$G`7~@(1VxQj&bBtg+^i8aNh|2T*ULCVlvJuXGTJZ^pE_RYSvqei_ZI0~2^q0nq z`XQ8hfCbC)5<^Zqv{SBBS!(SfKQ1*#ZzP7+=0l(&4{vA0m!kEPf5*%lLekTXak;L#w-tr zv==w<PV2g^$vss30Jys8aN9Ge2TJDP}GwUps^RpiH<)9tLebfr6w;k%uK5$@oK@ zFWNKA_eWFTnywIzW8oMbnnu^ei$gCUugiYWi9JHV0*gp6zw`c8MA-#u0WcjaXDfPl zisdVMH-c@e+$kI@3Zvk=i+tHl@J#(K(GNVauD5lJueuUYn=~QUQ(~;w{)64;4|--6 z!!!ntGYf7o5%eu3{9&Uji3)uo*#O#uSdpKngG>1xG zFMNq$V!1gWmQ~Jw6HzM*_MQ|=$(v;+J3O00hgDax;gezQI6I}M^Zd|vqQhQSG_k3J z$~zwpN(tV02tNvloh;fs%~_G?>+^%%Hjc`&+O*tv-WxR7da4fxI7}SDJmC zFhj;`5gpt%Rl?&C4O>sIT}GafWmb5~H%mcm*)C4!5KSr`5c#spa#*xzM(2in|JIBG z9%XL_Xc!iwQR?n$YM_aeA20Z}bZb{tc84$hOmEH=J;2Q9tm|}ILfijO;=gLIS^Hqh zVTJ6eCw2nzVCzM<%8d0^i#EH=%7UVI(+Z%j%%v7SP4daYIn_YJDJtt5P3EKGip%<99e_p;*^l#Q z=HBNo-uLDEdt_#+pQp7wf**6ZpU2Boq5RLQ@B7@;)T1Nf@6Vgd#7xKUDaC+q5w~Z? 
z@5{3z;`Q8qDl}f+_vN42tMh$>f$)L}j}Y09m~$>(B*@&{o3A-{<_{p6jyE<0SSG~q z4e`bPjmH*yFuE1BmxkszDv(5k|N%;%JCycT%!rIN0b;?0( zLACAS7`k9u#H*76b};zYG7b&*{8y~6Hd;ZNX?0J5QrjjOxmN6(w7leu^j^d9pFt_Y zcl&T>yrL70;g6m>;v@fc|y6abKbx9@LqfTuSrJC6Tgc)`wwEPs{8@;WElxwoYs20XM zv;~bl;k>F}Ip~`l^<|?W)kSAVQi1*ea|u5%mz5o-;7qV0yVemKX`Sk7gtnos4F{J2LakS4UIj&IAq(Of_Zo(h*dgTTWyz zp5GyHfGk#v?aI@y`N}d%Z&=3?>B*f&&T1U>oE|?B8z#QeE(%nH28Mp1{TQoUe_ffO zYP*3F-tV%O4vb^I>Ij~7$0)51v`%Aj&2J4<9YK(BnYDX#&KI+A%KJfQ^?o+iwa<(lr*eRi{(bntshZw4375f+dJcDbVg5Nu z0|6^NrPwVDqTDS;ZJ_bSb;JYDqri*5ktjKat}TSKnC`#I{v>z#6<9uF7)FV*qf5i;$SATQ{u>0wU@M1D-mZ5g_4>Oo|cPM+{bnTw2s6QmQHwWWBw! zOJdOM6y_#*a*I{Y7#Uwf18$8va89j~E#@O9a{Mh(bUASP7A~VC7B2^gbjYM*;AoHI zz#FOx`nd!2FNWf&N6?Ml8`pcTN{?sLB?6=4gWSbQoLhx1xpGsRYX`L2m`YyP5j-@} z>&S@r)tEWU&f(Hr7lOTY=BGynC;Nht0u4b#SLY62ub5#&>MFQ#w@`^*C7^k7-_V_^ z#e(IK6}B3&9s){E%2e%!N}C;}!TZc*VIbs)TKtWjUYF70dhWWFxf=TTel+4Y;=$TJ zc$Y^XLpWp4GCpo*&IguNWe3~r*ikli@M$37wbk2ma`RHx>a@L5HYOmTiGGes6ggEY zz>f*CDrR)XA< zV|jP!WHivc$2T)FLon^mwRMLrugn*@++OHVARYXC zW1u#bzbEh z+VF;UN-J^LMvQj8-_12;hiXXt)U0>MqqhOTE#riC6$nhET$mxQNDg@=!dq>9E%u}d@iki+srLn@%2 zolaT8wXWk>o;pdOie>BtgbY_V!D!6xEX|v+7L#|zS)nM4JXU0vYT;MY@3D4GELVdY z7X>t79WY@R4;Ka2Su2GHp8{vFQN-+t(v4AAvtCjX`bwVc#qtxZI7>uoGa>?pY!b$0 z4)*@md4hOb?)N)r-mxbJu`%VJIf=)(T71qLgLSW&zOt^22x!5(>#VZtWoLY_0Cfj- zPOgm$LA^#E<*#}ELnonk1@de7!Tuld5U1OtQPt4RoH-om8SuXxys{z_AUBuudmAT^ zv^r4P!>uZ+EyV@#`8PD`wTyiE2{yC;B*r}_Q_*i@Jr4;-NSn@W=%`L1Lh+fCY8G*| zFv(O+=ILTInm$Ej@Q2naF{Dd-)dY(gAyLk;^r$-=W(jNx29HoT!)N*TZzZoWol&N#^qthAKSU^4IN=>W)i zCT;Iqs@iL@_v53*&6K-E{DB2V)AvfuF=x_e{tVz9<=e#7eKF;jaQy;1z!#gnzrp)% zt=+Y%B`|`jl%;yd=rYxFBmgXYmpn_{0vo-WdwAv(aR*-Wo|FX*20j(~N^HUq`$|K0 zi;@rCJ|1d4sVyplp3e{cR=^2ubl-wsft8#Mav~W|`o52#6$c>Mxe5XCBC7UDd6~74 z^ej9BD`UzD;bl_u-CaF9jwDASp#F`XrcKSvaz>0?pQJLbx$;)ivNEbW^>-7+eBX0- zB^kzqnYe%P=&o%QWPdt~L~CjrOc-fv6fU0YTIe-PjbwIZK)tC@R`o zh*mlI#08wh+7JF!3V{r#F>c2;iT)k)9Y$P>b>Lz&Bh(`;*xG0B^%JZ;zVeozWtj;V z?eJT*-l#dF>^5C-9d)E?WyI10h4r;hnaXM5ty0mJ-x6#^f 
zn=&X*aL+i!Y$6M^^aYSyaR%XCneECE>-ev>a0=T>574{086 zv+t72Q``#^g2!!ox)IS<0hEAlw}^?cK8^MrZwR!Te&gCg+1y!Gm1142tN#O13=!Ma z#fLA^;oUpYY{0Us!yv7qs;}kB3&Jt+a-2lJ8ST&QDs22XG3@M+6&|@!t*@HXw(cw! zsjq~R0Pl0=z%>sMx0*8DYtz(s99Kl zEH8Cw4!~wGYxTnW-PjW?A7egWe?AL;ZmR{_DqsE<=&XMmf`EYh{0IQn+(8oXLH_ff W|NQ6wxBn9W0RR7%aAvUp>K*{wyiE)M literal 0 HcmV?d00001 diff --git a/charts/rancher-monitoring-crd/103.0.3+up45.31.1/Chart.yaml b/charts/rancher-monitoring-crd/103.0.3+up45.31.1/Chart.yaml new file mode 100644 index 000000000..256a9e824 --- /dev/null +++ b/charts/rancher-monitoring-crd/103.0.3+up45.31.1/Chart.yaml @@ -0,0 +1,10 @@ +annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/hidden: "true" + catalog.cattle.io/namespace: cattle-monitoring-system + catalog.cattle.io/release-name: rancher-monitoring-crd +apiVersion: v1 +description: Installs the CRDs for rancher-monitoring. +name: rancher-monitoring-crd +type: application +version: 103.0.3+up45.31.1 diff --git a/charts/rancher-monitoring-crd/103.0.3+up45.31.1/README.md b/charts/rancher-monitoring-crd/103.0.3+up45.31.1/README.md new file mode 100644 index 000000000..e0b63e026 --- /dev/null +++ b/charts/rancher-monitoring-crd/103.0.3+up45.31.1/README.md 
@@ -0,0 +1,24 @@
+# rancher-monitoring-crd
+A Rancher chart that installs the CRDs used by rancher-monitoring.
+
+## How does this chart work?
+
+This chart marshalls all of the CRD files placed in the `crd-manifest` directory into a ConfigMap that is installed onto a cluster alongside relevant RBAC (ServiceAccount, ClusterRoleBinding, ClusterRole, and PodSecurityPolicy).
+
+Once the relevant dependent resourcees are installed / upgraded / rolled back, this chart executes a post-install / post-upgrade / post-rollback Job that:
+- Patches any existing versions of the CRDs contained within the `crd-manifest` on the cluster to set `spec.preserveUnknownFields=false`; this step is required since, based on [Kubernetes docs](https://kubernetes.io/docs/tasks/extend-kubernetes/custom-resources/custom-resource-definitions/#field-pruning) and a [known workaround](https://github.com/kubernetes-sigs/controller-tools/issues/476#issuecomment-691519936), such CRDs cannot be upgraded normally from `apiextensions.k8s.io/v1beta1` to `apiextensions.k8s.io/v1`.
+- Runs a `kubectl apply` on the CRDs that are contained within the crd-manifest ConfigMap to upgrade CRDs in the cluster
+
+On an uninstall, this chart executes a separate post-delete Job that:
+- Patches any existing versions of the CRDs contained within `crd-manifest` on the cluster to set `metadata.finalizers=[]`
+- Runs a `kubectl delete` on the CRDs that are contained within the crd-manifest ConfigMap to clean up the CRDs from the cluster
+
+Note: If the relevant CRDs already existed in the cluster at the time of install, this chart will absorb ownership of the lifecycle of those CRDs; therefore, on a `helm uninstall`, those CRDs will also be removed from the cluster alongside this chart.
+
+## Why can't we just place the CRDs in the templates/ directory of the main chart?
+
+In Helm today, you cannot declare a CRD and declare a resource of that CRD's kind in templates/ without encountering a failure on render.
+
+## [Helm 3] Why can't we just place the CRDs in the crds/ directory of the main chart?
+
+The Helm 3 `crds/` directory only supports the installation of CRDs, but does not support the upgrade and removal of CRDs, unlike what this chart facilitiates.
\ No newline at end of file
diff --git a/charts/rancher-monitoring-crd/103.0.3+up45.31.1/crd-manifest/crd-alertmanagerconfigs.yaml b/charts/rancher-monitoring-crd/103.0.3+up45.31.1/crd-manifest/crd-alertmanagerconfigs.yaml
new file mode 100644
index 000000000..fa0f9b189
--- /dev/null
+++ b/charts/rancher-monitoring-crd/103.0.3+up45.31.1/crd-manifest/crd-alertmanagerconfigs.yaml
@@ -0,0 +1,4481 @@ +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.63.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: alertmanagerconfigs.monitoring.coreos.com +spec: + group: monitoring.coreos.com + names: + categories: + - prometheus-operator + kind: AlertmanagerConfig + listKind: AlertmanagerConfigList + plural: alertmanagerconfigs + shortNames: + - amcfg + singular: alertmanagerconfig + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: AlertmanagerConfig defines a namespaced AlertmanagerConfig to + be aggregated across multiple namespaces configuring one Alertmanager cluster. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: AlertmanagerConfigSpec is a specification of the desired + behavior of the Alertmanager configuration. By definition, the Alertmanager + configuration only applies to alerts for which the `namespace` label + is equal to the namespace of the AlertmanagerConfig resource. + properties: + inhibitRules: + description: List of inhibition rules. 
The rules will only apply to + alerts matching the resource's namespace. + items: + description: InhibitRule defines an inhibition rule that allows + to mute alerts when other alerts are already firing. See https://prometheus.io/docs/alerting/latest/configuration/#inhibit_rule + properties: + equal: + description: Labels that must have an equal value in the source + and target alert for the inhibition to take effect. + items: + type: string + type: array + sourceMatch: + description: Matchers for which one or more alerts have to exist + for the inhibition to take effect. The operator enforces that + the alert matches the resource's namespace. + items: + description: Matcher defines how to match on alert's labels. + properties: + matchType: + description: Match operation available with AlertManager + >= v0.22.0 and takes precedence over Regex (deprecated) + if non-empty. + enum: + - '!=' + - = + - =~ + - '!~' + type: string + name: + description: Label to match. + minLength: 1 + type: string + regex: + description: Whether to match on equality (false) or regular-expression + (true). Deprecated as of AlertManager >= v0.22.0 where + a user should use MatchType instead. + type: boolean + value: + description: Label value to match. + type: string + required: + - name + type: object + type: array + targetMatch: + description: Matchers that have to be fulfilled in the alerts + to be muted. The operator enforces that the alert matches + the resource's namespace. + items: + description: Matcher defines how to match on alert's labels. + properties: + matchType: + description: Match operation available with AlertManager + >= v0.22.0 and takes precedence over Regex (deprecated) + if non-empty. + enum: + - '!=' + - = + - =~ + - '!~' + type: string + name: + description: Label to match. + minLength: 1 + type: string + regex: + description: Whether to match on equality (false) or regular-expression + (true). 
Deprecated as of AlertManager >= v0.22.0 where + a user should use MatchType instead. + type: boolean + value: + description: Label value to match. + type: string + required: + - name + type: object + type: array + type: object + type: array + muteTimeIntervals: + description: List of MuteTimeInterval specifying when the routes should + be muted. + items: + description: MuteTimeInterval specifies the periods in time when + notifications will be muted + properties: + name: + description: Name of the time interval + type: string + timeIntervals: + description: TimeIntervals is a list of TimeInterval + items: + description: TimeInterval describes intervals of time + properties: + daysOfMonth: + description: DaysOfMonth is a list of DayOfMonthRange + items: + description: DayOfMonthRange is an inclusive range of + days of the month beginning at 1 + properties: + end: + description: End of the inclusive range + maximum: 31 + minimum: -31 + type: integer + start: + description: Start of the inclusive range + maximum: 31 + minimum: -31 + type: integer + type: object + type: array + months: + description: Months is a list of MonthRange + items: + description: MonthRange is an inclusive range of months + of the year beginning in January Months can be specified + by name (e.g 'January') by numerical month (e.g '1') + or as an inclusive range (e.g 'January:March', '1:3', + '1:March') + pattern: ^((?i)january|february|march|april|may|june|july|august|september|october|november|december|[1-12])(?:((:((?i)january|february|march|april|may|june|july|august|september|october|november|december|[1-12]))$)|$) + type: string + type: array + times: + description: Times is a list of TimeRange + items: + description: TimeRange defines a start and end time + in 24hr format + properties: + endTime: + description: EndTime is the end time in 24hr format. 
+ pattern: ^((([01][0-9])|(2[0-3])):[0-5][0-9])$|(^24:00$) + type: string + startTime: + description: StartTime is the start time in 24hr + format. + pattern: ^((([01][0-9])|(2[0-3])):[0-5][0-9])$|(^24:00$) + type: string + type: object + type: array + weekdays: + description: Weekdays is a list of WeekdayRange + items: + description: WeekdayRange is an inclusive range of days + of the week beginning on Sunday Days can be specified + by name (e.g 'Sunday') or as an inclusive range (e.g + 'Monday:Friday') + pattern: ^((?i)sun|mon|tues|wednes|thurs|fri|satur)day(?:((:(sun|mon|tues|wednes|thurs|fri|satur)day)$)|$) + type: string + type: array + years: + description: Years is a list of YearRange + items: + description: YearRange is an inclusive range of years + pattern: ^2\d{3}(?::2\d{3}|$) + type: string + type: array + type: object + type: array + type: object + type: array + receivers: + description: List of receivers. + items: + description: Receiver defines one or more notification integrations. + properties: + emailConfigs: + description: List of Email configurations. + items: + description: EmailConfig configures notifications via Email. + properties: + authIdentity: + description: The identity to use for authentication. + type: string + authPassword: + description: The secret's key that contains the password + to use for authentication. The secret needs to be in + the same namespace as the AlertmanagerConfig object + and accessible by the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' 
+ type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + authSecret: + description: The secret's key that contains the CRAM-MD5 + secret. The secret needs to be in the same namespace + as the AlertmanagerConfig object and accessible by the + Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + authUsername: + description: The username to use for authentication. + type: string + from: + description: The sender address. + type: string + headers: + description: Further headers email header key/value pairs. + Overrides any headers previously set by the notification + implementation. + items: + description: KeyValue defines a (key, value) tuple. + properties: + key: + description: Key of the tuple. + minLength: 1 + type: string + value: + description: Value of the tuple. + type: string + required: + - key + - value + type: object + type: array + hello: + description: The hostname to identify to the SMTP server. + type: string + html: + description: The HTML body of the email notification. + type: string + requireTLS: + description: The SMTP TLS requirement. Note that Go does + not support unencrypted connections to remote SMTP endpoints. + type: boolean + sendResolved: + description: Whether or not to notify about resolved alerts. + type: boolean + smarthost: + description: The SMTP host and port through which emails + are sent. E.g. example.com:25 + type: string + text: + description: The text body of the email notification. 
+ type: string + tlsConfig: + description: TLS configuration + properties: + ca: + description: Certificate authority used when verifying + server certificates. + properties: + configMap: + description: ConfigMap containing data to use + for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for + the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + cert: + description: Client certificate to present when doing + client-authentication. + properties: + configMap: + description: ConfigMap containing data to use + for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for + the targets. 
+ properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key file + for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + to: + description: The email address to send notifications to. + type: string + type: object + type: array + name: + description: Name of the receiver. Must be unique across all + items from the list. + minLength: 1 + type: string + opsgenieConfigs: + description: List of OpsGenie configurations. + items: + description: OpsGenieConfig configures notifications via OpsGenie. + See https://prometheus.io/docs/alerting/latest/configuration/#opsgenie_config + properties: + actions: + description: Comma separated list of actions that will + be available for the alert. + type: string + apiKey: + description: The secret's key that contains the OpsGenie + API key. 
The secret needs to be in the same namespace + as the AlertmanagerConfig object and accessible by the + Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + apiURL: + description: The URL to send OpsGenie API requests to. + type: string + description: + description: Description of the incident. + type: string + details: + description: A set of arbitrary key/value pairs that provide + further detail about the incident. + items: + description: KeyValue defines a (key, value) tuple. + properties: + key: + description: Key of the tuple. + minLength: 1 + type: string + value: + description: Value of the tuple. + type: string + required: + - key + - value + type: object + type: array + entity: + description: Optional field that can be used to specify + which domain alert is related to. + type: string + httpConfig: + description: HTTP client configuration. + properties: + authorization: + description: Authorization header configuration for + the client. This is mutually exclusive with BasicAuth + and is only available starting from Alertmanager + v0.22+. + properties: + credentials: + description: The secret's key that contains the + credentials of the request + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' 
+ type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: + description: Set the authentication type. Defaults + to Bearer, Basic will cause an error + type: string + type: object + basicAuth: + description: BasicAuth for the client. This is mutually + exclusive with Authorization. If both are defined, + BasicAuth takes precedence. + properties: + password: + description: The secret in the service monitor + namespace that contains the password for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: The secret in the service monitor + namespace that contains the username for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenSecret: + description: The secret's key that contains the bearer + token to be used by the client for authentication. + The secret needs to be in the same namespace as + the AlertmanagerConfig object and accessible by + the Prometheus Operator. 
+ properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + followRedirects: + description: FollowRedirects specifies whether the + client should follow HTTP 3xx redirects. + type: boolean + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + clientId: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' 
+ type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientSecret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + endpointParams: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tokenUrl: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + proxyURL: + description: Optional proxy URL. + type: string + tlsConfig: + description: TLS configuration for the client. + properties: + ca: + description: Certificate authority used when verifying + server certificates. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' 
+ type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + cert: + description: Client certificate to present when + doing client-authentication. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' 
+ type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + message: + description: Alert text limited to 130 characters. + type: string + note: + description: Additional alert note. + type: string + priority: + description: Priority level of alert. Possible values + are P1, P2, P3, P4, and P5. + type: string + responders: + description: List of responders responsible for notifications. + items: + description: OpsGenieConfigResponder defines a responder + to an incident. One of `id`, `name` or `username` + has to be defined. + properties: + id: + description: ID of the responder. + type: string + name: + description: Name of the responder. + type: string + type: + description: Type of responder. + enum: + - team + - teams + - user + - escalation + - schedule + minLength: 1 + type: string + username: + description: Username of the responder. + type: string + required: + - type + type: object + type: array + sendResolved: + description: Whether or not to notify about resolved alerts. 
+ type: boolean + source: + description: Backlink to the sender of the notification. + type: string + tags: + description: Comma separated list of tags attached to + the notifications. + type: string + updateAlerts: + description: Whether to update message and description + of the alert in OpsGenie if it already exists By default, + the alert is never updated in OpsGenie, the new message + only appears in activity log. + type: boolean + type: object + type: array + pagerdutyConfigs: + description: List of PagerDuty configurations. + items: + description: PagerDutyConfig configures notifications via + PagerDuty. See https://prometheus.io/docs/alerting/latest/configuration/#pagerduty_config + properties: + class: + description: The class/type of the event. + type: string + client: + description: Client identification. + type: string + clientURL: + description: Backlink to the sender of notification. + type: string + component: + description: The part or component of the affected system + that is broken. + type: string + description: + description: Description of the incident. + type: string + details: + description: Arbitrary key/value pairs that provide further + detail about the incident. + items: + description: KeyValue defines a (key, value) tuple. + properties: + key: + description: Key of the tuple. + minLength: 1 + type: string + value: + description: Value of the tuple. + type: string + required: + - key + - value + type: object + type: array + group: + description: A cluster or grouping of sources. + type: string + httpConfig: + description: HTTP client configuration. + properties: + authorization: + description: Authorization header configuration for + the client. This is mutually exclusive with BasicAuth + and is only available starting from Alertmanager + v0.22+. + properties: + credentials: + description: The secret's key that contains the + credentials of the request + properties: + key: + description: The key of the secret to select + from. 
Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: + description: Set the authentication type. Defaults + to Bearer, Basic will cause an error + type: string + type: object + basicAuth: + description: BasicAuth for the client. This is mutually + exclusive with Authorization. If both are defined, + BasicAuth takes precedence. + properties: + password: + description: The secret in the service monitor + namespace that contains the password for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: The secret in the service monitor + namespace that contains the username for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' 
+ type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenSecret: + description: The secret's key that contains the bearer + token to be used by the client for authentication. + The secret needs to be in the same namespace as + the AlertmanagerConfig object and accessible by + the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + followRedirects: + description: FollowRedirects specifies whether the + client should follow HTTP 3xx redirects. + type: boolean + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + clientId: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. 
+ type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientSecret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + endpointParams: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tokenUrl: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + proxyURL: + description: Optional proxy URL. + type: string + tlsConfig: + description: TLS configuration for the client. + properties: + ca: + description: Certificate authority used when verifying + server certificates. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' 
+ type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + cert: + description: Client certificate to present when + doing client-authentication. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' 
+ type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + pagerDutyImageConfigs: + description: A list of image details to attach that provide + further detail about an incident. + items: + description: PagerDutyImageConfig attaches images to + an incident + properties: + alt: + description: Alt is the optional alternative text + for the image. + type: string + href: + description: Optional URL; makes the image a clickable + link. + type: string + src: + description: Src of the image being attached to + the incident + type: string + type: object + type: array + pagerDutyLinkConfigs: + description: A list of link details to attach that provide + further detail about an incident. + items: + description: PagerDutyLinkConfig attaches text links + to an incident + properties: + alt: + description: Text that describes the purpose of + the link, and can be used as the link's text. 
+ type: string + href: + description: Href is the URL of the link to be attached + type: string + type: object + type: array + routingKey: + description: The secret's key that contains the PagerDuty + integration key (when using Events API v2). Either this + field or `serviceKey` needs to be defined. The secret + needs to be in the same namespace as the AlertmanagerConfig + object and accessible by the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + sendResolved: + description: Whether or not to notify about resolved alerts. + type: boolean + serviceKey: + description: The secret's key that contains the PagerDuty + service key (when using integration type "Prometheus"). + Either this field or `routingKey` needs to be defined. + The secret needs to be in the same namespace as the + AlertmanagerConfig object and accessible by the Prometheus + Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + severity: + description: Severity of the incident. + type: string + url: + description: The URL to send requests to. + type: string + type: object + type: array + pushoverConfigs: + description: List of Pushover configurations. 
+ items: + description: PushoverConfig configures notifications via Pushover. + See https://prometheus.io/docs/alerting/latest/configuration/#pushover_config + properties: + expire: + description: How long your notification will continue + to be retried for, unless the user acknowledges the + notification. + pattern: ^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$ + type: string + html: + description: Whether notification message is HTML or plain + text. + type: boolean + httpConfig: + description: HTTP client configuration. + properties: + authorization: + description: Authorization header configuration for + the client. This is mutually exclusive with BasicAuth + and is only available starting from Alertmanager + v0.22+. + properties: + credentials: + description: The secret's key that contains the + credentials of the request + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: + description: Set the authentication type. Defaults + to Bearer, Basic will cause an error + type: string + type: object + basicAuth: + description: BasicAuth for the client. This is mutually + exclusive with Authorization. If both are defined, + BasicAuth takes precedence. + properties: + password: + description: The secret in the service monitor + namespace that contains the password for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. 
More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: The secret in the service monitor + namespace that contains the username for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenSecret: + description: The secret's key that contains the bearer + token to be used by the client for authentication. + The secret needs to be in the same namespace as + the AlertmanagerConfig object and accessible by + the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + followRedirects: + description: FollowRedirects specifies whether the + client should follow HTTP 3xx redirects. + type: boolean + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. 
+ properties: + clientId: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientSecret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' 
+ type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + endpointParams: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tokenUrl: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + proxyURL: + description: Optional proxy URL. + type: string + tlsConfig: + description: TLS configuration for the client. + properties: + ca: + description: Certificate authority used when verifying + server certificates. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' 
+ type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + cert: + description: Client certificate to present when + doing client-authentication. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' 
+ type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + message: + description: Notification message. + type: string + priority: + description: Priority, see https://pushover.net/api#priority + type: string + retry: + description: How often the Pushover servers will send + the same notification to the user. Must be at least + 30 seconds. + pattern: ^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$ + type: string + sendResolved: + description: Whether or not to notify about resolved alerts. + type: boolean + sound: + description: The name of one of the sounds supported by + device clients to override the user's default sound + choice + type: string + title: + description: Notification title. + type: string + token: + description: The secret's key that contains the registered + application's API token, see https://pushover.net/apps. + The secret needs to be in the same namespace as the + AlertmanagerConfig object and accessible by the Prometheus + Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + url: + description: A supplementary URL shown alongside the message. 
+ type: string + urlTitle: + description: A title for supplementary URL, otherwise + just the URL is shown + type: string + userKey: + description: The secret's key that contains the recipient + user's user key. The secret needs to be in the same + namespace as the AlertmanagerConfig object and accessible + by the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + type: object + type: array + slackConfigs: + description: List of Slack configurations. + items: + description: SlackConfig configures notifications via Slack. + See https://prometheus.io/docs/alerting/latest/configuration/#slack_config + properties: + actions: + description: A list of Slack actions that are sent with + each notification. + items: + description: SlackAction configures a single Slack action + that is sent with each notification. See https://api.slack.com/docs/message-attachments#action_fields + and https://api.slack.com/docs/message-buttons for + more information. + properties: + confirm: + description: SlackConfirmationField protect users + from destructive actions or particularly distinguished + decisions by asking them to confirm their button + click one more time. See https://api.slack.com/docs/interactive-message-field-guide#confirmation_fields + for more information. 
+ properties: + dismissText: + type: string + okText: + type: string + text: + minLength: 1 + type: string + title: + type: string + required: + - text + type: object + name: + type: string + style: + type: string + text: + minLength: 1 + type: string + type: + minLength: 1 + type: string + url: + type: string + value: + type: string + required: + - text + - type + type: object + type: array + apiURL: + description: The secret's key that contains the Slack + webhook URL. The secret needs to be in the same namespace + as the AlertmanagerConfig object and accessible by the + Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + callbackId: + type: string + channel: + description: The channel or user to send notifications + to. + type: string + color: + type: string + fallback: + type: string + fields: + description: A list of Slack fields that are sent with + each notification. + items: + description: SlackField configures a single Slack field + that is sent with each notification. Each field must + contain a title, value, and optionally, a boolean + value to indicate if the field is short enough to + be displayed next to other fields designated as short. + See https://api.slack.com/docs/message-attachments#fields + for more information. + properties: + short: + type: boolean + title: + minLength: 1 + type: string + value: + minLength: 1 + type: string + required: + - title + - value + type: object + type: array + footer: + type: string + httpConfig: + description: HTTP client configuration. 
+ properties: + authorization: + description: Authorization header configuration for + the client. This is mutually exclusive with BasicAuth + and is only available starting from Alertmanager + v0.22+. + properties: + credentials: + description: The secret's key that contains the + credentials of the request + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: + description: Set the authentication type. Defaults + to Bearer, Basic will cause an error + type: string + type: object + basicAuth: + description: BasicAuth for the client. This is mutually + exclusive with Authorization. If both are defined, + BasicAuth takes precedence. + properties: + password: + description: The secret in the service monitor + namespace that contains the password for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: The secret in the service monitor + namespace that contains the username for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. 
+ type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenSecret: + description: The secret's key that contains the bearer + token to be used by the client for authentication. + The secret needs to be in the same namespace as + the AlertmanagerConfig object and accessible by + the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + followRedirects: + description: FollowRedirects specifies whether the + client should follow HTTP 3xx redirects. + type: boolean + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + clientId: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' 
+ type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientSecret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + endpointParams: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tokenUrl: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + proxyURL: + description: Optional proxy URL. + type: string + tlsConfig: + description: TLS configuration for the client. + properties: + ca: + description: Certificate authority used when verifying + server certificates. 
+ properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + cert: + description: Client certificate to present when + doing client-authentication. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. 
+ type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + iconEmoji: + type: string + iconURL: + type: string + imageURL: + type: string + linkNames: + type: boolean + mrkdwnIn: + items: + type: string + type: array + pretext: + type: string + sendResolved: + description: Whether or not to notify about resolved alerts. + type: boolean + shortFields: + type: boolean + text: + type: string + thumbURL: + type: string + title: + type: string + titleLink: + type: string + username: + type: string + type: object + type: array + snsConfigs: + description: List of SNS configurations + items: + description: SNSConfig configures notifications via AWS SNS. + See https://prometheus.io/docs/alerting/latest/configuration/#sns_configs + properties: + apiURL: + description: The SNS API URL i.e. https://sns.us-east-2.amazonaws.com. 
+ If not specified, the SNS API URL from the SNS SDK will + be used. + type: string + attributes: + additionalProperties: + type: string + description: SNS message attributes. + type: object + httpConfig: + description: HTTP client configuration. + properties: + authorization: + description: Authorization header configuration for + the client. This is mutually exclusive with BasicAuth + and is only available starting from Alertmanager + v0.22+. + properties: + credentials: + description: The secret's key that contains the + credentials of the request + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: + description: Set the authentication type. Defaults + to Bearer, Basic will cause an error + type: string + type: object + basicAuth: + description: BasicAuth for the client. This is mutually + exclusive with Authorization. If both are defined, + BasicAuth takes precedence. + properties: + password: + description: The secret in the service monitor + namespace that contains the password for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' 
+ type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: The secret in the service monitor + namespace that contains the username for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenSecret: + description: The secret's key that contains the bearer + token to be used by the client for authentication. + The secret needs to be in the same namespace as + the AlertmanagerConfig object and accessible by + the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + followRedirects: + description: FollowRedirects specifies whether the + client should follow HTTP 3xx redirects. + type: boolean + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + clientId: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. 
+ properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientSecret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' 
+ type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + endpointParams: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tokenUrl: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + proxyURL: + description: Optional proxy URL. + type: string + tlsConfig: + description: TLS configuration for the client. + properties: + ca: + description: Certificate authority used when verifying + server certificates. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' 
+ type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + cert: + description: Client certificate to present when + doing client-authentication. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' 
+ type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + message: + description: The message content of the SNS notification. + type: string + phoneNumber: + description: Phone number if message is delivered via + SMS in E.164 format. If you don't specify this value, + you must specify a value for the TopicARN or TargetARN. + type: string + sendResolved: + description: Whether or not to notify about resolved alerts. + type: boolean + sigv4: + description: Configures AWS's Signature Verification 4 + signing process to sign requests. + properties: + accessKey: + description: AccessKey is the AWS API key. If blank, + the environment variable `AWS_ACCESS_KEY_ID` is + used. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + profile: + description: Profile is the named AWS profile used + to authenticate. + type: string + region: + description: Region is the AWS region. If blank, the + region from the default credentials chain used. + type: string + roleArn: + description: RoleArn is the named AWS profile used + to authenticate. + type: string + secretKey: + description: SecretKey is the AWS API secret. If blank, + the environment variable `AWS_SECRET_ACCESS_KEY` + is used. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. 
+ type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + subject: + description: Subject line when the message is delivered + to email endpoints. + type: string + targetARN: + description: The mobile platform endpoint ARN if message + is delivered via mobile notifications. If you don't + specify this value, you must specify a value for the + topic_arn or PhoneNumber. + type: string + topicARN: + description: SNS topic ARN, i.e. arn:aws:sns:us-east-2:698519295917:My-Topic + If you don't specify this value, you must specify a + value for the PhoneNumber or TargetARN. + type: string + type: object + type: array + telegramConfigs: + description: List of Telegram configurations. + items: + description: TelegramConfig configures notifications via Telegram. + See https://prometheus.io/docs/alerting/latest/configuration/#telegram_config + properties: + apiURL: + description: The Telegram API URL i.e. https://api.telegram.org. + If not specified, default API URL will be used. + type: string + botToken: + description: Telegram bot token The secret needs to be + in the same namespace as the AlertmanagerConfig object + and accessible by the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' 
+ type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + chatID: + description: The Telegram chat ID. + format: int64 + type: integer + disableNotifications: + description: Disable telegram notifications + type: boolean + httpConfig: + description: HTTP client configuration. + properties: + authorization: + description: Authorization header configuration for + the client. This is mutually exclusive with BasicAuth + and is only available starting from Alertmanager + v0.22+. + properties: + credentials: + description: The secret's key that contains the + credentials of the request + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: + description: Set the authentication type. Defaults + to Bearer, Basic will cause an error + type: string + type: object + basicAuth: + description: BasicAuth for the client. This is mutually + exclusive with Authorization. If both are defined, + BasicAuth takes precedence. + properties: + password: + description: The secret in the service monitor + namespace that contains the password for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' 
+ type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: The secret in the service monitor + namespace that contains the username for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenSecret: + description: The secret's key that contains the bearer + token to be used by the client for authentication. + The secret needs to be in the same namespace as + the AlertmanagerConfig object and accessible by + the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + followRedirects: + description: FollowRedirects specifies whether the + client should follow HTTP 3xx redirects. + type: boolean + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + clientId: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. 
+ properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientSecret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' 
+ type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + endpointParams: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tokenUrl: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + proxyURL: + description: Optional proxy URL. + type: string + tlsConfig: + description: TLS configuration for the client. + properties: + ca: + description: Certificate authority used when verifying + server certificates. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' 
+ type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + cert: + description: Client certificate to present when + doing client-authentication. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' 
+ type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + message: + description: Message template + type: string + parseMode: + description: Parse mode for telegram message + enum: + - MarkdownV2 + - Markdown + - HTML + type: string + sendResolved: + description: Whether to notify about resolved alerts. + type: boolean + type: object + type: array + victoropsConfigs: + description: List of VictorOps configurations. + items: + description: VictorOpsConfig configures notifications via + VictorOps. See https://prometheus.io/docs/alerting/latest/configuration/#victorops_config + properties: + apiKey: + description: The secret's key that contains the API key + to use when talking to the VictorOps API. The secret + needs to be in the same namespace as the AlertmanagerConfig + object and accessible by the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + apiUrl: + description: The VictorOps API URL. + type: string + customFields: + description: Additional custom fields for notification. + items: + description: KeyValue defines a (key, value) tuple. + properties: + key: + description: Key of the tuple. + minLength: 1 + type: string + value: + description: Value of the tuple. 
+ type: string + required: + - key + - value + type: object + type: array + entityDisplayName: + description: Contains summary of the alerted problem. + type: string + httpConfig: + description: The HTTP client's configuration. + properties: + authorization: + description: Authorization header configuration for + the client. This is mutually exclusive with BasicAuth + and is only available starting from Alertmanager + v0.22+. + properties: + credentials: + description: The secret's key that contains the + credentials of the request + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: + description: Set the authentication type. Defaults + to Bearer, Basic will cause an error + type: string + type: object + basicAuth: + description: BasicAuth for the client. This is mutually + exclusive with Authorization. If both are defined, + BasicAuth takes precedence. + properties: + password: + description: The secret in the service monitor + namespace that contains the password for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' 
+ type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: The secret in the service monitor + namespace that contains the username for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenSecret: + description: The secret's key that contains the bearer + token to be used by the client for authentication. + The secret needs to be in the same namespace as + the AlertmanagerConfig object and accessible by + the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + followRedirects: + description: FollowRedirects specifies whether the + client should follow HTTP 3xx redirects. + type: boolean + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + clientId: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. 
+ properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientSecret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' 
+ type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + endpointParams: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tokenUrl: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + proxyURL: + description: Optional proxy URL. + type: string + tlsConfig: + description: TLS configuration for the client. + properties: + ca: + description: Certificate authority used when verifying + server certificates. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' 
+ type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + cert: + description: Client certificate to present when + doing client-authentication. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' 
+ type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + messageType: + description: Describes the behavior of the alert (CRITICAL, + WARNING, INFO). + type: string + monitoringTool: + description: The monitoring tool the state message is + from. + type: string + routingKey: + description: A key used to map the alert to a team. + type: string + sendResolved: + description: Whether or not to notify about resolved alerts. + type: boolean + stateMessage: + description: Contains long explanation of the alerted + problem. + type: string + type: object + type: array + webhookConfigs: + description: List of webhook configurations. + items: + description: WebhookConfig configures notifications via a + generic receiver supporting the webhook payload. See https://prometheus.io/docs/alerting/latest/configuration/#webhook_config + properties: + httpConfig: + description: HTTP client configuration. + properties: + authorization: + description: Authorization header configuration for + the client. This is mutually exclusive with BasicAuth + and is only available starting from Alertmanager + v0.22+. + properties: + credentials: + description: The secret's key that contains the + credentials of the request + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' 
+ type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: + description: Set the authentication type. Defaults + to Bearer, Basic will cause an error + type: string + type: object + basicAuth: + description: BasicAuth for the client. This is mutually + exclusive with Authorization. If both are defined, + BasicAuth takes precedence. + properties: + password: + description: The secret in the service monitor + namespace that contains the password for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: The secret in the service monitor + namespace that contains the username for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenSecret: + description: The secret's key that contains the bearer + token to be used by the client for authentication. + The secret needs to be in the same namespace as + the AlertmanagerConfig object and accessible by + the Prometheus Operator. 
+ properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + followRedirects: + description: FollowRedirects specifies whether the + client should follow HTTP 3xx redirects. + type: boolean + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + clientId: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' 
+ type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientSecret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + endpointParams: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tokenUrl: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + proxyURL: + description: Optional proxy URL. + type: string + tlsConfig: + description: TLS configuration for the client. + properties: + ca: + description: Certificate authority used when verifying + server certificates. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' 
+ type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + cert: + description: Client certificate to present when + doing client-authentication. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' 
+ type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + maxAlerts: + description: Maximum number of alerts to be sent per webhook + message. When 0, all alerts are included. + format: int32 + minimum: 0 + type: integer + sendResolved: + description: Whether or not to notify about resolved alerts. + type: boolean + url: + description: The URL to send HTTP POST requests to. `urlSecret` + takes precedence over `url`. One of `urlSecret` and + `url` should be defined. + type: string + urlSecret: + description: The secret's key that contains the webhook + URL to send HTTP requests to. `urlSecret` takes precedence + over `url`. One of `urlSecret` and `url` should be defined. + The secret needs to be in the same namespace as the + AlertmanagerConfig object and accessible by the Prometheus + Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + type: object + type: array + wechatConfigs: + description: List of WeChat configurations. + items: + description: WeChatConfig configures notifications via WeChat. + See https://prometheus.io/docs/alerting/latest/configuration/#wechat_config + properties: + agentID: + type: string + apiSecret: + description: The secret's key that contains the WeChat + API key. The secret needs to be in the same namespace + as the AlertmanagerConfig object and accessible by the + Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + apiURL: + description: The WeChat API URL. + type: string + corpID: + description: The corp id for authentication. + type: string + httpConfig: + description: HTTP client configuration. + properties: + authorization: + description: Authorization header configuration for + the client. This is mutually exclusive with BasicAuth + and is only available starting from Alertmanager + v0.22+. + properties: + credentials: + description: The secret's key that contains the + credentials of the request + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. 
More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: + description: Set the authentication type. Defaults + to Bearer, Basic will cause an error + type: string + type: object + basicAuth: + description: BasicAuth for the client. This is mutually + exclusive with Authorization. If both are defined, + BasicAuth takes precedence. + properties: + password: + description: The secret in the service monitor + namespace that contains the password for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: The secret in the service monitor + namespace that contains the username for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' 
+ type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenSecret: + description: The secret's key that contains the bearer + token to be used by the client for authentication. + The secret needs to be in the same namespace as + the AlertmanagerConfig object and accessible by + the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + followRedirects: + description: FollowRedirects specifies whether the + client should follow HTTP 3xx redirects. + type: boolean + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + clientId: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. 
+ type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientSecret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + endpointParams: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tokenUrl: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + proxyURL: + description: Optional proxy URL. + type: string + tlsConfig: + description: TLS configuration for the client. + properties: + ca: + description: Certificate authority used when verifying + server certificates. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' 
+ type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + cert: + description: Client certificate to present when + doing client-authentication. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' 
+ type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + message: + description: API request data as defined by the WeChat + API. + type: string + messageType: + type: string + sendResolved: + description: Whether or not to notify about resolved alerts. + type: boolean + toParty: + type: string + toTag: + type: string + toUser: + type: string + type: object + type: array + required: + - name + type: object + type: array + route: + description: The Alertmanager route definition for alerts matching + the resource's namespace. If present, it will be added to the generated + Alertmanager configuration as a first-level route. + properties: + activeTimeIntervals: + description: ActiveTimeIntervals is a list of MuteTimeInterval + names when this route should be active. + items: + type: string + type: array + continue: + description: Boolean indicating whether an alert should continue + matching subsequent sibling nodes. It will always be overridden + to true for the first-level route by the Prometheus operator. 
+ type: boolean + groupBy: + description: List of labels to group by. Labels must not be repeated + (unique list). Special label "..." (aggregate by all possible + labels), if provided, must be the only element in the list. + items: + type: string + type: array + groupInterval: + description: 'How long to wait before sending an updated notification. + Must match the regular expression`^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$` + Example: "5m"' + type: string + groupWait: + description: 'How long to wait before sending the initial notification. + Must match the regular expression`^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$` + Example: "30s"' + type: string + matchers: + description: 'List of matchers that the alert''s labels should + match. For the first level route, the operator removes any existing + equality and regexp matcher on the `namespace` label and adds + a `namespace: ` matcher.' + items: + description: Matcher defines how to match on alert's labels. + properties: + matchType: + description: Match operation available with AlertManager + >= v0.22.0 and takes precedence over Regex (deprecated) + if non-empty. + enum: + - '!=' + - = + - =~ + - '!~' + type: string + name: + description: Label to match. + minLength: 1 + type: string + regex: + description: Whether to match on equality (false) or regular-expression + (true). Deprecated as of AlertManager >= v0.22.0 where + a user should use MatchType instead. + type: boolean + value: + description: Label value to match. + type: string + required: + - name + type: object + type: array + muteTimeIntervals: + description: 'Note: this comment applies to the field definition + above but appears below otherwise it gets included in the generated + manifest. CRD schema doesn''t support self-referential types + for now (see https://github.com/kubernetes/kubernetes/issues/62872). 
+ We have to use an alternative type to circumvent the limitation. + The downside is that the Kube API can''t validate the data beyond + the fact that it is a valid JSON representation. MuteTimeIntervals + is a list of MuteTimeInterval names that will mute this route + when matched,' + items: + type: string + type: array + receiver: + description: Name of the receiver for this route. If not empty, + it should be listed in the `receivers` field. + type: string + repeatInterval: + description: 'How long to wait before repeating the last notification. + Must match the regular expression`^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$` + Example: "4h"' + type: string + routes: + description: Child routes. + items: + x-kubernetes-preserve-unknown-fields: true + type: array + type: object + type: object + required: + - spec + type: object + served: true + storage: true diff --git a/charts/rancher-monitoring-crd/103.0.3+up45.31.1/crd-manifest/crd-alertmanagers.yaml b/charts/rancher-monitoring-crd/103.0.3+up45.31.1/crd-manifest/crd-alertmanagers.yaml new file mode 100644 index 000000000..0701ccccf --- /dev/null +++ b/charts/rancher-monitoring-crd/103.0.3+up45.31.1/crd-manifest/crd-alertmanagers.yaml 
@@ -0,0 +1,7112 @@ +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.63.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: alertmanagers.monitoring.coreos.com +spec: + group: monitoring.coreos.com + names: + categories: + - prometheus-operator + kind: Alertmanager + listKind: AlertmanagerList + plural: alertmanagers + shortNames: + - am + singular: alertmanager + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The version of Alertmanager + jsonPath: .spec.version + name: Version + type: string + - description: The number of desired replicas + jsonPath: .spec.replicas + name: Replicas + type: integer + - description: The number of ready replicas + jsonPath: .status.availableReplicas + name: Ready + type: integer + - jsonPath: .status.conditions[?(@.type == 'Reconciled')].status + name: Reconciled + type: string + - jsonPath: .status.conditions[?(@.type == 'Available')].status + name: Available + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Whether the resource reconciliation is paused or not + jsonPath: .status.paused + name: Paused + priority: 1 + type: boolean + name: v1 + schema: + openAPIV3Schema: + description: Alertmanager describes an Alertmanager cluster. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. 
Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: 'Specification of the desired behavior of the Alertmanager + cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + additionalPeers: + description: AdditionalPeers allows injecting a set of additional + Alertmanagers to peer with to form a highly available cluster. + items: + type: string + type: array + affinity: + description: If specified, the pod's scheduling constraints. + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for the + pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to + nodes that satisfy the affinity expressions specified by + this field, but it may choose a node that violates one or + more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node matches + the corresponding matchExpressions; the node(s) with the + highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches + all objects with implicit weight 0 (i.e. it's a no-op). + A null preferred scheduling term matches no objects (i.e. + is also a no-op). + properties: + preference: + description: A node selector term, associated with the + corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. 
+ items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. 
+ items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to an update), the system may or may not try to + eventually evict the pod from its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. + The terms are ORed. + items: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. 
+ items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + type: array + required: + - nodeSelectorTerms + type: object + x-kubernetes-map-type: atomic + type: object + podAffinity: + description: Describes pod affinity scheduling rules (e.g. co-locate + this pod in the same node, zone, etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to + nodes that satisfy the affinity expressions specified by + this field, but it may choose a node that violates one or + more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. 
for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node has + pods which matches the corresponding podAffinityTerm; the + node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". 
+ The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. 
The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may + not try to eventually evict the pod from its node. When + there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms + must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of + pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. 
+ properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied to the + union of the namespaces selected by this field and + the ones listed in the namespaces field. null selector + and null or empty namespaces list means "this pod's + namespace". An empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. 
+ properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace + names that the term applies to. The term is applied + to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. null or + empty namespaces list and null namespaceSelector means + "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of + any node on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules (e.g. 
+ avoid putting this pod in the same node, zone, etc. as some + other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to + nodes that satisfy the anti-affinity expressions specified + by this field, but it may choose a node that violates one + or more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling anti-affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node has + pods which matches the corresponding podAffinityTerm; the + node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. 
This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. 
A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will + not be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its + node. When there are multiple elements, the lists of nodes + corresponding to each podAffinityTerm are intersected, i.e. + all terms must be satisfied. 
+ items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of + pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. 
The term is applied to the + union of the namespaces selected by this field and + the ones listed in the namespaces field. null selector + and null or empty namespaces list means "this pod's + namespace". An empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace + names that the term applies to. The term is applied + to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. null or + empty namespaces list and null namespaceSelector means + "this pod's namespace". 
+ items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of + any node on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + alertmanagerConfigMatcherStrategy: + description: The AlertmanagerConfigMatcherStrategy defines how AlertmanagerConfig + objects match the alerts. In the future more options may be added. + properties: + type: + default: OnNamespace + description: If set to `OnNamespace`, the operator injects a label + matcher matching the namespace of the AlertmanagerConfig object + for all its routes and inhibition rules. `None` will not add + any additional matchers other than the ones specified in the + AlertmanagerConfig. Default is `OnNamespace`. + enum: + - OnNamespace + - None + type: string + type: object + alertmanagerConfigNamespaceSelector: + description: Namespaces to be selected for AlertmanagerConfig discovery. + If nil, only check own namespace. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. 
+ If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + alertmanagerConfigSelector: + description: AlertmanagerConfigs to be selected for to merge and configure + Alertmanager with. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". 
The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + alertmanagerConfiguration: + description: 'EXPERIMENTAL: alertmanagerConfiguration specifies the + configuration of Alertmanager. If defined, it takes precedence over + the `configSecret` field. This field may change in future releases.' + properties: + global: + description: Defines the global parameters of the Alertmanager + configuration. + properties: + httpConfig: + description: HTTP client configuration. + properties: + authorization: + description: Authorization header configuration for the + client. This is mutually exclusive with BasicAuth and + is only available starting from Alertmanager v0.22+. + properties: + credentials: + description: The secret's key that contains the credentials + of the request + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: + description: Set the authentication type. Defaults + to Bearer, Basic will cause an error + type: string + type: object + basicAuth: + description: BasicAuth for the client. This is mutually + exclusive with Authorization. If both are defined, BasicAuth + takes precedence. + properties: + password: + description: The secret in the service monitor namespace + that contains the password for authentication. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. 
More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: The secret in the service monitor namespace + that contains the username for authentication. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenSecret: + description: The secret's key that contains the bearer + token to be used by the client for authentication. The + secret needs to be in the same namespace as the Alertmanager + object and accessible by the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + followRedirects: + description: FollowRedirects specifies whether the client + should follow HTTP 3xx redirects. + type: boolean + oauth2: + description: OAuth2 client credentials used to fetch a + token for the targets. 
+ properties: + clientId: + description: The secret or configmap containing the + OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to use + for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for + the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientSecret: + description: The secret containing the OAuth2 client + secret + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' 
+ type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + endpointParams: + additionalProperties: + type: string + description: Parameters to append to the token URL + type: object + scopes: + description: OAuth2 scopes used for the token request + items: + type: string + type: array + tokenUrl: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + proxyURL: + description: Optional proxy URL. + type: string + tlsConfig: + description: TLS configuration for the client. + properties: + ca: + description: Certificate authority used when verifying + server certificates. + properties: + configMap: + description: ConfigMap containing data to use + for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for + the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' 
+ type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + cert: + description: Client certificate to present when doing + client-authentication. + properties: + configMap: + description: ConfigMap containing data to use + for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for + the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key file + for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' 
+ type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + type: object + resolveTimeout: + description: ResolveTimeout is the default value used by alertmanager + if the alert does not include EndsAt, after this time passes + it can declare the alert as resolved if it has not been + updated. This has no impact on alerts from Prometheus, as + they always include EndsAt. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + type: object + name: + description: The name of the AlertmanagerConfig resource which + is used to generate the Alertmanager configuration. It must + be defined in the same namespace as the Alertmanager object. + The operator will not enforce a `namespace` label for routes + and inhibition rules. + minLength: 1 + type: string + templates: + description: Custom notification templates. + items: + description: SecretOrConfigMap allows to specify data as a Secret + or ConfigMap. Fields are mutually exclusive. + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. 
+ type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: array + type: object + baseImage: + description: 'Base image that is used to deploy pods, without tag. + Deprecated: use ''image'' instead' + type: string + clusterAdvertiseAddress: + description: 'ClusterAdvertiseAddress is the explicit address to advertise + in cluster. Needs to be provided for non RFC1918 [1] (public) addresses. + [1] RFC1918: https://tools.ietf.org/html/rfc1918' + type: string + clusterGossipInterval: + description: Interval between gossip attempts. + pattern: ^(0|(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + clusterPeerTimeout: + description: Timeout for cluster peering. + pattern: ^(0|(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + clusterPushpullInterval: + description: Interval between pushpull attempts. + pattern: ^(0|(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + configMaps: + description: ConfigMaps is a list of ConfigMaps in the same namespace + as the Alertmanager object, which shall be mounted into the Alertmanager + Pods. Each ConfigMap is added to the StatefulSet definition as a + volume named `configmap-`. The ConfigMaps are mounted + into `/etc/alertmanager/configmaps/` in the 'alertmanager' + container. + items: + type: string + type: array + configSecret: + description: "ConfigSecret is the name of a Kubernetes Secret in the + same namespace as the Alertmanager object, which contains the configuration + for this Alertmanager instance. If empty, it defaults to `alertmanager-`. 
+ \n The Alertmanager configuration should be available under the + `alertmanager.yaml` key. Additional keys from the original secret + are copied to the generated secret and mounted into the `/etc/alertmanager/config` + directory in the `alertmanager` container. \n If either the secret + or the `alertmanager.yaml` key is missing, the operator provisions + a minimal Alertmanager configuration with one empty receiver (effectively + dropping alert notifications)." + type: string + containers: + description: 'Containers allows injecting additional containers. This + is meant to allow adding an authentication proxy to an Alertmanager + pod. Containers described here modify an operator generated container + if they share the same name and modifications are done via a strategic + merge patch. The current container names are: `alertmanager` and + `config-reloader`. Overriding containers is entirely outside the + scope of what the maintainers will support and by doing so, you + accept that this behaviour may break at any time without notice.' + items: + description: A single application container that you want to run + within a pod. + properties: + args: + description: 'Arguments to the entrypoint. The container image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will + be unchanged. Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references + will never be expanded, regardless of whether the variable + exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. 
+ The container image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: + i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether + the variable exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be + a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in + the container and any service environment variables. + If a variable cannot be resolved, the reference in the + input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable exists + or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. 
apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' 
+ type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be + a C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key + will take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set + of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap must be + defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each + key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: 'Container image name. 
More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Actions that the management system should take + in response to container lifecycle events. Cannot be updated. + properties: + postStart: + description: 'PostStart is called immediately after a container + is created. If the handler fails, the container is terminated + and restarted according to its restart policy. Other management + of the container blocks until the hook completes. More + info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. 
+ items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward compatibility. + There are no validation of this field and lifecycle + hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately before a container + is terminated due to an API request or management event + such as liveness/startup probe failure, preemption, resource + contention, etc. The handler is not called if the container + crashes or exits. The Pod''s termination grace period + countdown begins before the PreStop hook is executed. + Regardless of the outcome of the handler, the container + will eventually terminate within the Pod''s termination + grace period (unless delayed by finalizers). 
Other management + of the container blocks until the hook completes or until + the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward compatibility. 
+ There are no validation of this field and lifecycle + hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: 'Periodic probe of container liveness. Container + will be restarted if the probe fails. Cannot be updated. More + info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is a beta field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. 
+ format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. 
Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + Cannot be updated. + type: string + ports: + description: List of ports to expose from the container. Not + specifying a port here DOES NOT prevent that port from being + exposed. 
Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Modifying this array with strategic merge patch may corrupt + the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. + Cannot be updated. + items: + description: ContainerPort represents a network port in a + single container. + properties: + containerPort: + description: Number of port to expose on the pod's IP + address. This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If + specified, this must be a valid port number, 0 < x < + 65536. If HostNetwork is specified, this must match + ContainerPort. Most containers do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod + must have a unique name. Name for the port that can + be referred to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be UDP, TCP, or SCTP. + Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: 'Periodic probe of container service readiness. + Container will be removed from service endpoints if the probe + fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. 
+ The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is a beta field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. 
+ x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). 
This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resources: + description: 'Compute Resources required by this container. + Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry + in pod.spec.resourceClaims of the Pod where this + field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. 
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + securityContext: + description: 'SecurityContext defines the security options the + container should be run with. If set, the fields of SecurityContext + override the equivalent fields of PodSecurityContext. More + info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether + a process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN Note that this field cannot be set + when spec.os.name is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by + the container runtime. Note that this field cannot be + set when spec.os.name is windows. 
+ properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes + in privileged containers are essentially equivalent to + root on the host. Defaults to false. Note that this field + cannot be set when spec.os.name is windows. + type: boolean + procMount: + description: procMount denotes the type of proc mount to + use for the containers. The default is DefaultProcMount + which uses the container runtime defaults for readonly + paths and masked paths. This requires the ProcMountType + feature flag to be enabled. Note that this field cannot + be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only root + filesystem. Default is false. Note that this field cannot + be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set when + spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a + non-root user. If true, the Kubelet will validate the + image at runtime to ensure that it does not run as UID + 0 (root) and fail to start the container if it does. If + unset or false, no such validation will be performed. + May also be set in PodSecurityContext. If set in both + SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. 
+ type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata + if unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. Note + that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a + random SELinux context for each container. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set when + spec.os.name is windows. + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by this container. + If seccomp options are provided at both the pod & container + level, the container options override the pod options. + Note that this field cannot be set when spec.os.name is + windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile defined + in a file on the node should be used. The profile + must be preconfigured on the node to work. Must be + a descending path, relative to the kubelet's configured + seccomp profile location. Must only be set if type + is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp profile + will be applied. 
Valid options are: \n Localhost - + a profile defined in a file on the node should be + used. RuntimeDefault - the container runtime default + profile should be used. Unconfined - no profile should + be applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings applied to all + containers. If unspecified, the options from the PodSecurityContext + will be used. If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is + linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the GMSA admission + webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec named + by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name of the + GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container should + be run as a 'Host Process' container. This field is + alpha-level and will only be honored by components + that enable the WindowsHostProcessContainers feature + flag. Setting this field without the feature flag + will result in errors when validating the Pod. All + of a Pod's containers must have the same effective + HostProcess value (it is not allowed to have a mix + of HostProcess containers and non-HostProcess containers). In + addition, if HostProcess is true then HostNetwork + must also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run the entrypoint + of the container process. Defaults to the user specified + in image metadata if unspecified. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. 
+ type: string + type: object + type: object + startupProbe: + description: 'StartupProbe indicates that the Pod has successfully + initialized. If specified, no other probes are executed until + this completes successfully. If this probe fails, the Pod + will be restarted, just as if the livenessProbe failed. This + can be used to provide different probe parameters at the beginning + of a Pod''s lifecycle, when it might take a long time to load + data or warm a cache, than during steady-state operation. + This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is a beta field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." 
+ type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' 
+ type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate a buffer + for stdin in the container runtime. If this is not set, reads + from stdin in the container will always result in EOF. Default + is false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the + stdin channel after it has been opened by a single attach. + When stdin is true the stdin stream will remain open across + multiple attach sessions. 
If stdinOnce is set to true, stdin + is opened on container start, is empty until the first client + attaches to stdin, and then remains open and accepts data + until the client disconnects, at which time stdin is closed + and remains closed until the container is restarted. If this + flag is false, a container processes that reads from stdin + will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the + container''s termination message will be written is mounted + into the container''s filesystem. Message written is intended + to be brief final status, such as an assertion failure message. + Will be truncated by the node if greater than 4096 bytes. + The total message length across all containers will be limited + to 12kb. Defaults to /dev/termination-log. Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be + populated. File will use the contents of terminationMessagePath + to populate the container status message on both success and + failure. FallbackToLogsOnError will use the last chunk of + container log output if the termination message file is empty + and the container exited with an error. The log output is + limited to 2048 bytes or 80 lines, whichever is smaller. Defaults + to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. + properties: + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. 
+ type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume + within a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other + way around. When not set, MountPropagationNone is used. + This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from which + the container's volume should be mounted. Behaves similarly + to SubPath but environment variable references $(VAR_NAME) + are expanded using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath are mutually + exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might + be configured in the container image. Cannot be updated. + type: string + required: + - name + type: object + type: array + externalUrl: + description: The external URL the Alertmanager instances will be available + under. This is necessary to generate correct URLs. 
This is necessary + if Alertmanager is not served from root of a DNS name. + type: string + forceEnableClusterMode: + description: ForceEnableClusterMode ensures Alertmanager does not + deactivate the cluster mode when running with a single replica. + Use case is e.g. spanning an Alertmanager cluster across Kubernetes + clusters with a single replica in each. + type: boolean + hostAliases: + description: Pods' hostAliases configuration + items: + description: HostAlias holds the mapping between IP and hostnames + that will be injected as an entry in the pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + ip: + description: IP address of the host file entry. + type: string + required: + - hostnames + - ip + type: object + type: array + x-kubernetes-list-map-keys: + - ip + x-kubernetes-list-type: map + image: + description: Image if specified has precedence over baseImage, tag + and sha combinations. Specifying the version is still necessary + to ensure the Prometheus Operator knows what version of Alertmanager + is being configured. + type: string + imagePullPolicy: + description: Image pull policy for the 'alertmanager', 'init-config-reloader' + and 'config-reloader' containers. See https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy + for more details. + enum: + - "" + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + description: An optional list of references to secrets in the same + namespace to use for pulling prometheus and alertmanager images + from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod + items: + description: LocalObjectReference contains enough information to + let you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: 'InitContainers allows adding initContainers to the pod + definition. Those can be used to e.g. fetch secrets for injection + into the Alertmanager configuration from external sources. Any errors + during the execution of an initContainer will lead to a restart + of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + Using initContainers for any use case other then secret fetching + is entirely outside the scope of what the maintainers will support + and by doing so, you accept that this behaviour may break at any + time without notice.' + items: + description: A single application container that you want to run + within a pod. + properties: + args: + description: 'Arguments to the entrypoint. The container image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will + be unchanged. Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references + will never be expanded, regardless of whether the variable + exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. + The container image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. 
Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: + i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether + the variable exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be + a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in + the container and any service environment variables. + If a variable cannot be resolved, the reference in the + input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable exists + or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' 
+ type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' 
+ type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be + a C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key + will take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set + of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap must be + defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each + key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: 'Container image name. 
More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Actions that the management system should take + in response to container lifecycle events. Cannot be updated. + properties: + postStart: + description: 'PostStart is called immediately after a container + is created. If the handler fails, the container is terminated + and restarted according to its restart policy. Other management + of the container blocks until the hook completes. More + info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. 
+ items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward compatibility. + There are no validation of this field and lifecycle + hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately before a container + is terminated due to an API request or management event + such as liveness/startup probe failure, preemption, resource + contention, etc. The handler is not called if the container + crashes or exits. The Pod''s termination grace period + countdown begins before the PreStop hook is executed. + Regardless of the outcome of the handler, the container + will eventually terminate within the Pod''s termination + grace period (unless delayed by finalizers). 
Other management + of the container blocks until the hook completes or until + the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward compatibility. 
+ There are no validation of this field and lifecycle + hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: 'Periodic probe of container liveness. Container + will be restarted if the probe fails. Cannot be updated. More + info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is a beta field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. 
+ format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. 
Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + Cannot be updated. + type: string + ports: + description: List of ports to expose from the container. Not + specifying a port here DOES NOT prevent that port from being + exposed. 
Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Modifying this array with strategic merge patch may corrupt + the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. + Cannot be updated. + items: + description: ContainerPort represents a network port in a + single container. + properties: + containerPort: + description: Number of port to expose on the pod's IP + address. This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If + specified, this must be a valid port number, 0 < x < + 65536. If HostNetwork is specified, this must match + ContainerPort. Most containers do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod + must have a unique name. Name for the port that can + be referred to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be UDP, TCP, or SCTP. + Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: 'Periodic probe of container service readiness. + Container will be removed from service endpoints if the probe + fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. 
+ The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is a beta field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. 
+ x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). 
This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resources: + description: 'Compute Resources required by this container. + Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry + in pod.spec.resourceClaims of the Pod where this + field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. 
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + securityContext: + description: 'SecurityContext defines the security options the + container should be run with. If set, the fields of SecurityContext + override the equivalent fields of PodSecurityContext. More + info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether + a process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN Note that this field cannot be set + when spec.os.name is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by + the container runtime. Note that this field cannot be + set when spec.os.name is windows. 
+ properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes + in privileged containers are essentially equivalent to + root on the host. Defaults to false. Note that this field + cannot be set when spec.os.name is windows. + type: boolean + procMount: + description: procMount denotes the type of proc mount to + use for the containers. The default is DefaultProcMount + which uses the container runtime defaults for readonly + paths and masked paths. This requires the ProcMountType + feature flag to be enabled. Note that this field cannot + be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only root + filesystem. Default is false. Note that this field cannot + be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set when + spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a + non-root user. If true, the Kubelet will validate the + image at runtime to ensure that it does not run as UID + 0 (root) and fail to start the container if it does. If + unset or false, no such validation will be performed. + May also be set in PodSecurityContext. If set in both + SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. 
+ type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata + if unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. Note + that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a + random SELinux context for each container. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set when + spec.os.name is windows. + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by this container. + If seccomp options are provided at both the pod & container + level, the container options override the pod options. + Note that this field cannot be set when spec.os.name is + windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile defined + in a file on the node should be used. The profile + must be preconfigured on the node to work. Must be + a descending path, relative to the kubelet's configured + seccomp profile location. Must only be set if type + is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp profile + will be applied. 
Valid options are: \n Localhost - + a profile defined in a file on the node should be + used. RuntimeDefault - the container runtime default + profile should be used. Unconfined - no profile should + be applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings applied to all + containers. If unspecified, the options from the PodSecurityContext + will be used. If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is + linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the GMSA admission + webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec named + by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name of the + GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container should + be run as a 'Host Process' container. This field is + alpha-level and will only be honored by components + that enable the WindowsHostProcessContainers feature + flag. Setting this field without the feature flag + will result in errors when validating the Pod. All + of a Pod's containers must have the same effective + HostProcess value (it is not allowed to have a mix + of HostProcess containers and non-HostProcess containers). In + addition, if HostProcess is true then HostNetwork + must also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run the entrypoint + of the container process. Defaults to the user specified + in image metadata if unspecified. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. 
+ type: string + type: object + type: object + startupProbe: + description: 'StartupProbe indicates that the Pod has successfully + initialized. If specified, no other probes are executed until + this completes successfully. If this probe fails, the Pod + will be restarted, just as if the livenessProbe failed. This + can be used to provide different probe parameters at the beginning + of a Pod''s lifecycle, when it might take a long time to load + data or warm a cache, than during steady-state operation. + This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is a beta field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." 
+ type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' 
+ type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate a buffer + for stdin in the container runtime. If this is not set, reads + from stdin in the container will always result in EOF. Default + is false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the + stdin channel after it has been opened by a single attach. + When stdin is true the stdin stream will remain open across + multiple attach sessions. 
If stdinOnce is set to true, stdin + is opened on container start, is empty until the first client + attaches to stdin, and then remains open and accepts data + until the client disconnects, at which time stdin is closed + and remains closed until the container is restarted. If this + flag is false, a container processes that reads from stdin + will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the + container''s termination message will be written is mounted + into the container''s filesystem. Message written is intended + to be brief final status, such as an assertion failure message. + Will be truncated by the node if greater than 4096 bytes. + The total message length across all containers will be limited + to 12kb. Defaults to /dev/termination-log. Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be + populated. File will use the contents of terminationMessagePath + to populate the container status message on both success and + failure. FallbackToLogsOnError will use the last chunk of + container log output if the termination message file is empty + and the container exited with an error. The log output is + limited to 2048 bytes or 80 lines, whichever is smaller. Defaults + to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. + properties: + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. 
+ type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume + within a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other + way around. When not set, MountPropagationNone is used. + This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from which + the container's volume should be mounted. Behaves similarly + to SubPath but environment variable references $(VAR_NAME) + are expanded using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath are mutually + exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might + be configured in the container image. Cannot be updated. + type: string + required: + - name + type: object + type: array + listenLocal: + description: ListenLocal makes the Alertmanager server listen on loopback, + so that it does not bind against the Pod IP. 
Note this is only for + the Alertmanager UI, not the gossip communication. + type: boolean + logFormat: + description: Log format for Alertmanager to be configured with. + enum: + - "" + - logfmt + - json + type: string + logLevel: + description: Log level for Alertmanager to be configured with. + enum: + - "" + - debug + - info + - warn + - error + type: string + minReadySeconds: + description: Minimum number of seconds for which a newly created pod + should be ready without any of its container crashing for it to + be considered available. Defaults to 0 (pod will be considered available + as soon as it is ready) This is an alpha field from kubernetes 1.22 + until 1.24 which requires enabling the StatefulSetMinReadySeconds + feature gate. + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + description: Define which Nodes the Pods are scheduled on. + type: object + paused: + description: If set to true all actions on the underlying managed + objects are not goint to be performed, except for delete actions. + type: boolean + podMetadata: + description: PodMetadata configures Labels and Annotations which are + propagated to the alertmanager pods. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map stored + with a resource that may be set by external tools to store and + retrieve arbitrary metadata. They are not queryable and should + be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used to + organize and categorize (scope and select) objects. May match + selectors of replication controllers and services. More info: + http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. 
Is required + when creating resources, although some resources may allow a + client to request the generation of an appropriate name automatically. + Name is primarily intended for creation idempotence and configuration + definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + type: object + portName: + description: Port name used for the pods and governing service. This + defaults to web + type: string + priorityClassName: + description: Priority class assigned to the Pods + type: string + replicas: + description: Size is the expected size of the alertmanager cluster. + The controller will eventually make the size of the running cluster + equal to the expected size. + format: int32 + type: integer + resources: + description: Define resources requests and limits for single Pods. + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. 
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + retention: + default: 120h + description: Time duration Alertmanager shall retain data for. Default + is '120h', and must match the regular expression `[0-9]+(ms|s|m|h)` + (milliseconds seconds minutes hours). + pattern: ^(0|(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + routePrefix: + description: The route prefix Alertmanager registers HTTP handlers + for. This is useful, if using ExternalURL and a proxy is rewriting + HTTP routes of a request, and the actual ExternalURL is still true, + but the server serves requests under a different route prefix. For + example for use with `kubectl proxy`. + type: string + secrets: + description: Secrets is a list of Secrets in the same namespace as + the Alertmanager object, which shall be mounted into the Alertmanager + Pods. Each Secret is added to the StatefulSet definition as a volume + named `secret-`. The Secrets are mounted into `/etc/alertmanager/secrets/` + in the 'alertmanager' container. + items: + type: string + type: array + securityContext: + description: SecurityContext holds pod-level security attributes and + common container settings. This defaults to the default PodSecurityContext. + properties: + fsGroup: + description: "A special supplemental group that applies to all + containers in a pod. 
Some volume types allow the Kubelet to + change the ownership of that volume to be owned by the pod: + \n 1. The owning GID will be the FSGroup 2. The setgid bit is + set (new files created in the volume will be owned by FSGroup) + 3. The permission bits are OR'd with rw-rw---- \n If unset, + the Kubelet will not modify the ownership and permissions of + any volume. Note that this field cannot be set when spec.os.name + is windows." + format: int64 + type: integer + fsGroupChangePolicy: + description: 'fsGroupChangePolicy defines behavior of changing + ownership and permission of the volume before being exposed + inside Pod. This field will only apply to volume types which + support fsGroup based ownership(and permissions). It will have + no effect on ephemeral volume types such as: secret, configmaps + and emptydir. Valid values are "OnRootMismatch" and "Always". + If not specified, "Always" is used. Note that this field cannot + be set when spec.os.name is windows.' + type: string + runAsGroup: + description: The GID to run the entrypoint of the container process. + Uses runtime default if unset. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence for that container. + Note that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no such validation + will be performed. May also be set in SecurityContext. If set + in both SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container process. 
+ Defaults to user specified in image metadata if unspecified. + May also be set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. Note that this field cannot + be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to all containers. + If unspecified, the container runtime will allocate a random + SELinux context for each container. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence for that container. + Note that this field cannot be set when spec.os.name is windows. + properties: + level: + description: Level is SELinux level label that applies to + the container. + type: string + role: + description: Role is a SELinux role label that applies to + the container. + type: string + type: + description: Type is a SELinux type label that applies to + the container. + type: string + user: + description: User is a SELinux user label that applies to + the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by the containers in this + pod. Note that this field cannot be set when spec.os.name is + windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile defined + in a file on the node should be used. The profile must be + preconfigured on the node to work. Must be a descending + path, relative to the kubelet's configured seccomp profile + location. Must only be set if type is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp profile + will be applied. Valid options are: \n Localhost - a profile + defined in a file on the node should be used. RuntimeDefault + - the container runtime default profile should be used. + Unconfined - no profile should be applied." 
+ type: string + required: + - type + type: object + supplementalGroups: + description: A list of groups applied to the first process run + in each container, in addition to the container's primary GID, + the fsGroup (if specified), and group memberships defined in + the container image for the uid of the container process. If + unspecified, no additional groups are added to any container. + Note that group memberships defined in the container image for + the uid of the container process are still effective, even if + they are not included in this list. Note that this field cannot + be set when spec.os.name is windows. + items: + format: int64 + type: integer + type: array + sysctls: + description: Sysctls hold a list of namespaced sysctls used for + the pod. Pods with unsupported sysctls (by the container runtime) + might fail to launch. Note that this field cannot be set when + spec.os.name is windows. + items: + description: Sysctl defines a kernel parameter to be set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: object + type: array + windowsOptions: + description: The Windows specific settings applied to all containers. + If unspecified, the options within a container's SecurityContext + will be used. If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. Note + that this field cannot be set when spec.os.name is linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the GMSA admission + webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec named by + the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name of the GMSA + credential spec to use. 
+ type: string + hostProcess: + description: HostProcess determines if a container should + be run as a 'Host Process' container. This field is alpha-level + and will only be honored by components that enable the WindowsHostProcessContainers + feature flag. Setting this field without the feature flag + will result in errors when validating the Pod. All of a + Pod's containers must have the same effective HostProcess + value (it is not allowed to have a mix of HostProcess containers + and non-HostProcess containers). In addition, if HostProcess + is true then HostNetwork must also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run the entrypoint + of the container process. Defaults to the user specified + in image metadata if unspecified. May also be set in PodSecurityContext. + If set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + type: string + type: object + type: object + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount + to use to run the Prometheus Pods. + type: string + sha: + description: 'SHA of Alertmanager container image to be deployed. + Defaults to the value of `version`. Similar to a tag, but the SHA + explicitly deploys an immutable container image. Version and Tag + are ignored if SHA is set. Deprecated: use ''image'' instead. The + image digest can be specified as part of the image URL.' + type: string + storage: + description: Storage is the definition of how storage will be used + by the Alertmanager instances. + properties: + disableMountSubPath: + description: 'Deprecated: subPath usage will be disabled by default + in a future release, this option will become unnecessary. DisableMountSubPath + allows to remove any subPath usage in volume mounts.' + type: boolean + emptyDir: + description: 'EmptyDirVolumeSource to be used by the StatefulSet. + If specified, used in place of any volumeClaimTemplate. 
More + info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir' + properties: + medium: + description: 'medium represents what type of storage medium + should back this directory. The default is "" which means + to use the node''s default medium. Must be an empty string + (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: 'sizeLimit is the total amount of local storage + required for this EmptyDir volume. The size limit is also + applicable for memory medium. The maximum usage on memory + medium EmptyDir would be the minimum value between the SizeLimit + specified here and the sum of memory limits of all containers + in a pod. The default is nil which means that the limit + is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + description: 'EphemeralVolumeSource to be used by the StatefulSet. + This is a beta field in k8s 1.21, for lower versions, starting + with k8s 1.19, it requires enabling the GenericEphemeralVolume + feature gate. More info: https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes' + properties: + volumeClaimTemplate: + description: "Will be used to create a stand-alone PVC to + provision the volume. The pod in which this EphemeralVolumeSource + is embedded will be the owner of the PVC, i.e. the PVC will + be deleted together with the pod. The name of the PVC will + be `-` where `` is the + name from the `PodSpec.Volumes` array entry. Pod validation + will reject the pod if the concatenated name is not valid + for a PVC (for example, too long). 
\n An existing PVC with + that name that is not owned by the pod will *not* be used + for the pod to avoid using an unrelated volume by mistake. + Starting the pod is then blocked until the unrelated PVC + is removed. If such a pre-created PVC is meant to be used + by the pod, the PVC has to updated with an owner reference + to the pod once the pod exists. Normally this should not + be necessary, but it may be useful when manually reconstructing + a broken cluster. \n This field is read-only and no changes + will be made by Kubernetes to the PVC after it has been + created. \n Required, must not be nil." + properties: + metadata: + description: May contain labels and annotations that will + be copied into the PVC when creating it. No other fields + are allowed and will be rejected during validation. + type: object + spec: + description: The specification for the PersistentVolumeClaim. + The entire content is copied unchanged into the PVC + that gets created from this template. The same fields + as in a PersistentVolumeClaim are also valid here. + properties: + accessModes: + description: 'accessModes contains the desired access + modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: 'dataSource field can be used to specify + either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) If the + provisioner or an external controller can support + the specified data source, it will create a new + volume based on the contents of the specified data + source. When the AnyVolumeDataSource feature gate + is enabled, dataSource contents will be copied to + dataSourceRef, and dataSourceRef contents will be + copied to dataSource when dataSourceRef.namespace + is not specified. If the namespace is specified, + then dataSourceRef will not be copied to dataSource.' 
+ properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API group. + For any other third-party types, APIGroup is + required. + type: string + kind: + description: Kind is the type of resource being + referenced + type: string + name: + description: Name is the name of resource being + referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: 'dataSourceRef specifies the object from + which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a + non-empty API group (non core object) or a PersistentVolumeClaim + object. When this field is specified, volume binding + will only succeed if the type of the specified object + matches some installed volume populator or dynamic + provisioner. This field will replace the functionality + of the dataSource field and as such if both fields + are non-empty, they must have the same value. For + backwards compatibility, when namespace isn''t specified + in dataSourceRef, both fields (dataSource and dataSourceRef) + will be set to the same value automatically if one + of them is empty and the other is non-empty. When + namespace is specified in dataSourceRef, dataSource + isn''t set to the same value and must be empty. + There are three important differences between dataSource + and dataSourceRef: * While dataSource only allows + two specific types of objects, dataSourceRef allows + any non-core object, as well as PersistentVolumeClaim + objects. * While dataSource ignores disallowed values + (dropping them), dataSourceRef preserves all values, + and generates an error if a disallowed value is + specified. * While dataSource only allows local + objects, dataSourceRef allows objects in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource + feature gate to be enabled. 
(Alpha) Using the namespace + field of dataSourceRef requires the CrossNamespaceVolumeDataSource + feature gate to be enabled.' + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API group. + For any other third-party types, APIGroup is + required. + type: string + kind: + description: Kind is the type of resource being + referenced + type: string + name: + description: Name is the name of resource being + referenced + type: string + namespace: + description: Namespace is the namespace of resource + being referenced Note that when a namespace + is specified, a gateway.networking.k8s.io/ReferenceGrant + object is required in the referent namespace + to allow that namespace's owner to accept the + reference. See the ReferenceGrant documentation + for details. (Alpha) This field requires the + CrossNamespaceVolumeDataSource feature gate + to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: 'resources represents the minimum resources + the volume should have. If RecoverVolumeExpansionFailure + feature is enabled users are allowed to specify + resource requirements that are lower than previous + value but must still be higher than capacity recorded + in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + properties: + claims: + description: "Claims lists the names of resources, + defined in spec.resourceClaims, that are used + by this container. \n This is an alpha field + and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable." + items: + description: ResourceClaim references one entry + in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of + one entry in pod.spec.resourceClaims of + the Pod where this field is used. 
It makes + that resource available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is + omitted for a container, it defaults to Limits + if that is explicitly specified, otherwise to + an implementation-defined value. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: selector is a label query over volumes + to consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. 
If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: 'storageClassName is the name of the + StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume + is required by the claim. Value of Filesystem is + implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to + the PersistentVolume backing this claim. + type: string + type: object + required: + - spec + type: object + type: object + volumeClaimTemplate: + description: A PVC spec to be used by the StatefulSet. The easiest + way to use a volume that cannot be automatically provisioned + (for whatever reason) is to use a label selector alongside manually + created PersistentVolumes. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST + resource this object represents. Servers may infer this + from the endpoint the client submits requests to. 
Cannot + be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + description: EmbeddedMetadata contains metadata relevant to + an EmbeddedResource. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value + map stored with a resource that may be set by external + tools to store and retrieve arbitrary metadata. They + are not queryable and should be preserved when modifying + objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. + Is required when creating resources, although some resources + may allow a client to request the generation of an appropriate + name automatically. Name is primarily intended for creation + idempotence and configuration definition. Cannot be + updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + type: object + spec: + description: 'Spec defines the desired characteristics of + a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + accessModes: + description: 'accessModes contains the desired access + modes the volume should have. 
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: 'dataSource field can be used to specify + either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) If the provisioner + or an external controller can support the specified + data source, it will create a new volume based on the + contents of the specified data source. When the AnyVolumeDataSource + feature gate is enabled, dataSource contents will be + copied to dataSourceRef, and dataSourceRef contents + will be copied to dataSource when dataSourceRef.namespace + is not specified. If the namespace is specified, then + dataSourceRef will not be copied to dataSource.' + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: 'dataSourceRef specifies the object from + which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty + API group (non core object) or a PersistentVolumeClaim + object. When this field is specified, volume binding + will only succeed if the type of the specified object + matches some installed volume populator or dynamic provisioner. + This field will replace the functionality of the dataSource + field and as such if both fields are non-empty, they + must have the same value. 
For backwards compatibility, + when namespace isn''t specified in dataSourceRef, both + fields (dataSource and dataSourceRef) will be set to + the same value automatically if one of them is empty + and the other is non-empty. When namespace is specified + in dataSourceRef, dataSource isn''t set to the same + value and must be empty. There are three important differences + between dataSource and dataSourceRef: * While dataSource + only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim + objects. * While dataSource ignores disallowed values + (dropping them), dataSourceRef preserves all values, + and generates an error if a disallowed value is specified. + * While dataSource only allows local objects, dataSourceRef + allows objects in any namespaces. (Beta) Using this + field requires the AnyVolumeDataSource feature gate + to be enabled. (Alpha) Using the namespace field of + dataSourceRef requires the CrossNamespaceVolumeDataSource + feature gate to be enabled.' + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + namespace: + description: Namespace is the namespace of resource + being referenced Note that when a namespace is specified, + a gateway.networking.k8s.io/ReferenceGrant object + is required in the referent namespace to allow that + namespace's owner to accept the reference. See the + ReferenceGrant documentation for details. (Alpha) + This field requires the CrossNamespaceVolumeDataSource + feature gate to be enabled. 
+ type: string + required: + - kind + - name + type: object + resources: + description: 'resources represents the minimum resources + the volume should have. If RecoverVolumeExpansionFailure + feature is enabled users are allowed to specify resource + requirements that are lower than previous value but + must still be higher than capacity recorded in the status + field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + properties: + claims: + description: "Claims lists the names of resources, + defined in spec.resourceClaims, that are used by + this container. \n This is an alpha field and requires + enabling the DynamicResourceAllocation feature gate. + \n This field is immutable." + items: + description: ResourceClaim references one entry + in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one + entry in pod.spec.resourceClaims of the Pod + where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. 
If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: selector is a label query over volumes to + consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: 'storageClassName is the name of the StorageClass + required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume is + required by the claim. 
Value of Filesystem is implied + when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + type: object + status: + description: 'Status represents the current information/status + of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + accessModes: + description: 'accessModes contains the actual access modes + the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: allocatedResources is the storage resource + within AllocatedResources tracks the capacity allocated + to a PVC. It may be larger than the actual capacity + when a volume expansion operation is requested. For + storage quota, the larger value from allocatedResources + and PVC.spec.resources is used. If allocatedResources + is not set, PVC.spec.resources alone is used for quota + calculation. If a volume expansion capacity request + is lowered, allocatedResources is only lowered if there + are no expansion operations in progress and if the actual + volume capacity is equal or lower than the requested + capacity. This is an alpha field and requires enabling + RecoverVolumeExpansionFailure feature. + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: capacity represents the actual resources + of the underlying volume. 
+ type: object + conditions: + description: conditions is the current Condition of persistent + volume claim. If underlying persistent volume is being + resized then the Condition will be set to 'ResizeStarted'. + items: + description: PersistentVolumeClaimCondition contails + details about state of pvc + properties: + lastProbeTime: + description: lastProbeTime is the time we probed + the condition. + format: date-time + type: string + lastTransitionTime: + description: lastTransitionTime is the time the + condition transitioned from one status to another. + format: date-time + type: string + message: + description: message is the human-readable message + indicating details about last transition. + type: string + reason: + description: reason is a unique, this should be + a short, machine understandable string that gives + the reason for condition's last transition. If + it reports "ResizeStarted" that means the underlying + persistent volume is being resized. + type: string + status: + type: string + type: + description: PersistentVolumeClaimConditionType + is a valid value of PersistentVolumeClaimCondition.Type + type: string + required: + - status + - type + type: object + type: array + phase: + description: phase represents the current phase of PersistentVolumeClaim. + type: string + resizeStatus: + description: resizeStatus stores status of resize operation. + ResizeStatus is not set by default but when expansion + is complete resizeStatus is set to empty string by resize + controller or kubelet. This is an alpha field and requires + enabling RecoverVolumeExpansionFailure feature. + type: string + type: object + type: object + type: object + tag: + description: 'Tag of Alertmanager container image to be deployed. + Defaults to the value of `version`. Version is ignored if Tag is + set. Deprecated: use ''image'' instead. The image tag can be specified + as part of the image URL.' + type: string + tolerations: + description: If specified, the pod's tolerations. 
+ items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, + operator must be Exists; this combination means to match all + values and all keys. + type: string + operator: + description: Operator represents a key's relationship to the + value. Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod + can tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time + the toleration (which must be of effect NoExecute, otherwise + this field is ignored) tolerates the taint. By default, it + is not set, which means tolerate the taint forever (do not + evict). Zero and negative values will be treated as 0 (evict + immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: If specified, the pod's topology spread constraints. + items: + description: TopologySpreadConstraint specifies how to spread matching + pods among the given topology. + properties: + labelSelector: + description: LabelSelector is used to find matching pods. Pods + that match this label selector are counted to determine the + number of pods in their corresponding topology domain. 
+ properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists or + DoesNotExist, the values array must be empty. This + array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label keys to select + the pods over which spreading will be calculated. The keys + are used to lookup values from the incoming pod labels, those + key-value labels are ANDed with labelSelector to select the + group of existing pods over which spreading will be calculated + for the incoming pod. Keys that don't exist in the incoming + pod labels will be ignored. A null or empty list means only + match against labelSelector. + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + description: 'MaxSkew describes the degree to which pods may + be unevenly distributed. 
When `whenUnsatisfiable=DoNotSchedule`, + it is the maximum permitted difference between the number + of matching pods in the target topology and the global minimum. + The global minimum is the minimum number of matching pods + in an eligible domain or zero if the number of eligible domains + is less than MinDomains. For example, in a 3-zone cluster, + MaxSkew is set to 1, and pods with the same labelSelector + spread as 2/2/1: In this case, the global minimum is 1. | + zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew + is 1, incoming pod can only be scheduled to zone3 to become + 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) + on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming + pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, + it is used to give higher precedence to topologies that satisfy + it. It''s a required field. Default value is 1 and 0 is not + allowed.' + format: int32 + type: integer + minDomains: + description: "MinDomains indicates a minimum number of eligible + domains. When the number of eligible domains with matching + topology keys is less than minDomains, Pod Topology Spread + treats \"global minimum\" as 0, and then the calculation of + Skew is performed. And when the number of eligible domains + with matching topology keys equals or greater than minDomains, + this value has no effect on scheduling. As a result, when + the number of eligible domains is less than minDomains, scheduler + won't schedule more than maxSkew Pods to those domains. If + value is nil, the constraint behaves as if MinDomains is equal + to 1. Valid values are integers greater than 0. When value + is not nil, WhenUnsatisfiable must be DoNotSchedule. 
\n For + example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains + is set to 5 and pods with the same labelSelector spread as + 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | + The number of domains is less than 5(MinDomains), so \"global + minimum\" is treated as 0. In this situation, new pod with + the same labelSelector cannot be scheduled, because computed + skew will be 3(3 - 0) if new Pod is scheduled to any of the + three zones, it will violate MaxSkew. \n This is a beta field + and requires the MinDomainsInPodTopologySpread feature gate + to be enabled (enabled by default)." + format: int32 + type: integer + nodeAffinityPolicy: + description: "NodeAffinityPolicy indicates how we will treat + Pod's nodeAffinity/nodeSelector when calculating pod topology + spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector + are included in the calculations. - Ignore: nodeAffinity/nodeSelector + are ignored. All nodes are included in the calculations. \n + If this value is nil, the behavior is equivalent to the Honor + policy. This is a beta-level feature default enabled by the + NodeInclusionPolicyInPodTopologySpread feature flag." + type: string + nodeTaintsPolicy: + description: "NodeTaintsPolicy indicates how we will treat node + taints when calculating pod topology spread skew. Options + are: - Honor: nodes without taints, along with tainted nodes + for which the incoming pod has a toleration, are included. + - Ignore: node taints are ignored. All nodes are included. + \n If this value is nil, the behavior is equivalent to the + Ignore policy. This is a beta-level feature default enabled + by the NodeInclusionPolicyInPodTopologySpread feature flag." + type: string + topologyKey: + description: TopologyKey is the key of node labels. Nodes that + have a label with this key and identical values are considered + to be in the same topology. We consider each + as a "bucket", and try to put balanced number of pods into + each bucket. 
We define a domain as a particular instance of + a topology. Also, we define an eligible domain as a domain + whose nodes meet the requirements of nodeAffinityPolicy and + nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", + each Node is a domain of that topology. And, if TopologyKey + is "topology.kubernetes.io/zone", each zone is a domain of + that topology. It's a required field. + type: string + whenUnsatisfiable: + description: 'WhenUnsatisfiable indicates how to deal with a + pod if it doesn''t satisfy the spread constraint. - DoNotSchedule + (default) tells the scheduler not to schedule it. - ScheduleAnyway + tells the scheduler to schedule the pod in any location, but + giving higher precedence to topologies that would help reduce + the skew. A constraint is considered "Unsatisfiable" for an + incoming pod if and only if every possible node assignment + for that pod would violate "MaxSkew" on some topology. For + example, in a 3-zone cluster, MaxSkew is set to 1, and pods + with the same labelSelector spread as 3/1/1: | zone1 | zone2 + | zone3 | | P P P | P | P | If WhenUnsatisfiable is + set to DoNotSchedule, incoming pod can only be scheduled to + zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on + zone2(zone3) satisfies MaxSkew(1). In other words, the cluster + can still be imbalanced, but scheduler won''t make it *more* + imbalanced. It''s a required field.' + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array + version: + description: Version the cluster should be on. + type: string + volumeMounts: + description: VolumeMounts allows configuration of additional VolumeMounts + on the output StatefulSet definition. VolumeMounts specified will + be appended to other VolumeMounts in the alertmanager container, + that are generated as a result of StorageSpec objects. + items: + description: VolumeMount describes a mounting of a Volume within + a container. 
+ properties: + mountPath: + description: Path within the container at which the volume should + be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are propagated + from the host to container and the other way around. When + not set, MountPropagationNone is used. This field is beta + in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from which the + container's volume should be mounted. Behaves similarly to + SubPath but environment variable references $(VAR_NAME) are + expanded using the container's environment. Defaults to "" + (volume's root). SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: Volumes allows configuration of additional volumes on + the output StatefulSet definition. Volumes specified will be appended + to other volumes that are generated as a result of StorageSpec objects. + items: + description: Volume represents a named volume in a pod that may + be accessed by any container in the pod. + properties: + awsElasticBlockStore: + description: 'awsElasticBlockStore represents an AWS Disk resource + that is attached to a kubelet''s host machine and then exposed + to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + properties: + fsType: + description: 'fsType is the filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". 
Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + partition: + description: 'partition is the partition in the volume that + you want to mount. If omitted, the default is to mount + by volume name. Examples: For volume /dev/sda1, you specify + the partition as "1". Similarly, the volume partition + for /dev/sda is "0" (or you can leave the property empty).' + format: int32 + type: integer + readOnly: + description: 'readOnly value true will force the readOnly + setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: boolean + volumeID: + description: 'volumeID is unique ID of the persistent disk + resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: string + required: + - volumeID + type: object + azureDisk: + description: azureDisk represents an Azure Data Disk mount on + the host and bind mount to the pod. + properties: + cachingMode: + description: 'cachingMode is the Host Caching mode: None, + Read Only, Read Write.' + type: string + diskName: + description: diskName is the Name of the data disk in the + blob storage + type: string + diskURI: + description: diskURI is the URI of data disk in the blob + storage + type: string + fsType: + description: fsType is Filesystem type to mount. Must be + a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + kind: + description: 'kind expected values are Shared: multiple + blob disks per storage account Dedicated: single blob + disk per storage account Managed: azure managed data + disk (only in managed availability set). 
defaults to shared' + type: string + readOnly: + description: readOnly Defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + description: azureFile represents an Azure File Service mount + on the host and bind mount to the pod. + properties: + readOnly: + description: readOnly defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretName: + description: secretName is the name of secret that contains + Azure Storage Account Name and Key + type: string + shareName: + description: shareName is the azure share Name + type: string + required: + - secretName + - shareName + type: object + cephfs: + description: cephFS represents a Ceph FS mount on the host that + shares a pod's lifetime + properties: + monitors: + description: 'monitors is Required: Monitors is a collection + of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + items: + type: string + type: array + path: + description: 'path is Optional: Used as the mounted root, + rather than the full Ceph tree, default is /' + type: string + readOnly: + description: 'readOnly is Optional: Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: boolean + secretFile: + description: 'secretFile is Optional: SecretFile is the + path to key ring for User, default is /etc/ceph/user.secret + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + secretRef: + description: 'secretRef is Optional: SecretRef is reference + to the authentication secret for User, default is empty. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + user: + description: 'user is optional: User is the rados user name, + default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + required: + - monitors + type: object + cinder: + description: 'cinder represents a cinder volume attached and + mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + properties: + fsType: + description: 'fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to + be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + readOnly: + description: 'readOnly defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: boolean + secretRef: + description: 'secretRef is optional: points to a secret + object containing parameters used to connect to OpenStack.' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + volumeID: + description: 'volumeID used to identify the volume in cinder. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + required: + - volumeID + type: object + configMap: + description: configMap represents a configMap that should populate + this volume + properties: + defaultMode: + description: 'defaultMode is optional: mode bits used to + set permissions on created files by default. 
Must be an + octal value between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. Defaults to + 0644. Directories within the path are not affected by + this setting. This might be in conflict with other options + that affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + items: + description: items if unspecified, each key-value pair in + the Data field of the referenced ConfigMap will be projected + into the volume as a file whose name is the key and content + is the value. If specified, the listed keys will be projected + into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in + the ConfigMap, the volume setup will error unless it is + marked optional. Paths must be relative and may not contain + the '..' path or start with '..'. + items: + description: Maps a string key to a path within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits used to + set permissions on this file. Must be an octal value + between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. If not + specified, the volume defaultMode will be used. + This might be in conflict with other options that + affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path of the file + to map the key to. May not be an absolute path. + May not contain the path element '..'. May not start + with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: optional specify whether the ConfigMap or its + keys must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + description: csi (Container Storage Interface) represents ephemeral + storage that is handled by certain external CSI drivers (Beta + feature). + properties: + driver: + description: driver is the name of the CSI driver that handles + this volume. Consult with your admin for the correct name + as registered in the cluster. + type: string + fsType: + description: fsType to mount. Ex. "ext4", "xfs", "ntfs". + If not provided, the empty value is passed to the associated + CSI driver which will determine the default filesystem + to apply. + type: string + nodePublishSecretRef: + description: nodePublishSecretRef is a reference to the + secret object containing sensitive information to pass + to the CSI driver to complete the CSI NodePublishVolume + and NodeUnpublishVolume calls. This field is optional, + and may be empty if no secret is required. If the secret + object contains more than one secret, all secret references + are passed. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + description: readOnly specifies a read-only configuration + for the volume. Defaults to false (read/write). + type: boolean + volumeAttributes: + additionalProperties: + type: string + description: volumeAttributes stores driver-specific properties + that are passed to the CSI driver. Consult your driver's + documentation for supported values. 
+ type: object + required: + - driver + type: object + downwardAPI: + description: downwardAPI represents downward API about the pod + that should populate this volume + properties: + defaultMode: + description: 'Optional: mode bits to use on created files + by default. Must be a Optional: mode bits used to set + permissions on created files by default. Must be an octal + value between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. Defaults to + 0644. Directories within the path are not affected by + this setting. This might be in conflict with other options + that affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + items: + description: Items is a list of downward API volume file + items: + description: DownwardAPIVolumeFile represents information + to create the file containing the pod field + properties: + fieldRef: + description: 'Required: Selects a field of the pod: + only annotations, labels, name and namespace are + supported.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: 'Optional: mode bits used to set permissions + on this file, must be an octal value between 0000 + and 0777 or a decimal value between 0 and 511. YAML + accepts both octal and decimal values, JSON requires + decimal values for mode bits. If not specified, + the volume defaultMode will be used. This might + be in conflict with other options that affect the + file mode, like fsGroup, and the result can be other + mode bits set.' 
+ format: int32 + type: integer + path: + description: 'Required: Path is the relative path + name of the file to be created. Must not be absolute + or contain the ''..'' path. Must be utf-8 encoded. + The first item of the relative path must not start + with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, requests.cpu and requests.memory) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + description: 'emptyDir represents a temporary directory that + shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + properties: + medium: + description: 'medium represents what type of storage medium + should back this directory. The default is "" which means + to use the node''s default medium. Must be an empty string + (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: 'sizeLimit is the total amount of local storage + required for this EmptyDir volume. The size limit is also + applicable for memory medium. The maximum usage on memory + medium EmptyDir would be the minimum value between the + SizeLimit specified here and the sum of memory limits + of all containers in a pod. 
The default is nil which means + that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + description: "ephemeral represents a volume that is handled + by a cluster storage driver. The volume's lifecycle is tied + to the pod that defines it - it will be created before the + pod starts, and deleted when the pod is removed. \n Use this + if: a) the volume is only needed while the pod runs, b) features + of normal volumes like restoring from snapshot or capacity + tracking are needed, c) the storage driver is specified through + a storage class, and d) the storage driver supports dynamic + volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource + for more information on the connection between this volume + type and PersistentVolumeClaim). \n Use PersistentVolumeClaim + or one of the vendor-specific APIs for volumes that persist + for longer than the lifecycle of an individual pod. \n Use + CSI for light-weight local ephemeral volumes if the CSI driver + is meant to be used that way - see the documentation of the + driver for more information. \n A pod can use both types of + ephemeral volumes and persistent volumes at the same time." + properties: + volumeClaimTemplate: + description: "Will be used to create a stand-alone PVC to + provision the volume. The pod in which this EphemeralVolumeSource + is embedded will be the owner of the PVC, i.e. the PVC + will be deleted together with the pod. The name of the + PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. + Pod validation will reject the pod if the concatenated + name is not valid for a PVC (for example, too long). 
\n + An existing PVC with that name that is not owned by the + pod will *not* be used for the pod to avoid using an unrelated + volume by mistake. Starting the pod is then blocked until + the unrelated PVC is removed. If such a pre-created PVC + is meant to be used by the pod, the PVC has to updated + with an owner reference to the pod once the pod exists. + Normally this should not be necessary, but it may be useful + when manually reconstructing a broken cluster. \n This + field is read-only and no changes will be made by Kubernetes + to the PVC after it has been created. \n Required, must + not be nil." + properties: + metadata: + description: May contain labels and annotations that + will be copied into the PVC when creating it. No other + fields are allowed and will be rejected during validation. + type: object + spec: + description: The specification for the PersistentVolumeClaim. + The entire content is copied unchanged into the PVC + that gets created from this template. The same fields + as in a PersistentVolumeClaim are also valid here. + properties: + accessModes: + description: 'accessModes contains the desired access + modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: 'dataSource field can be used to specify + either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) If the + provisioner or an external controller can support + the specified data source, it will create a new + volume based on the contents of the specified + data source. When the AnyVolumeDataSource feature + gate is enabled, dataSource contents will be copied + to dataSourceRef, and dataSourceRef contents will + be copied to dataSource when dataSourceRef.namespace + is not specified. If the namespace is specified, + then dataSourceRef will not be copied to dataSource.' 
+ properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API + group. For any other third-party types, APIGroup + is required. + type: string + kind: + description: Kind is the type of resource being + referenced + type: string + name: + description: Name is the name of resource being + referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: 'dataSourceRef specifies the object + from which to populate the volume with data, if + a non-empty volume is desired. This may be any + object from a non-empty API group (non core object) + or a PersistentVolumeClaim object. When this field + is specified, volume binding will only succeed + if the type of the specified object matches some + installed volume populator or dynamic provisioner. + This field will replace the functionality of the + dataSource field and as such if both fields are + non-empty, they must have the same value. For + backwards compatibility, when namespace isn''t + specified in dataSourceRef, both fields (dataSource + and dataSourceRef) will be set to the same value + automatically if one of them is empty and the + other is non-empty. When namespace is specified + in dataSourceRef, dataSource isn''t set to the + same value and must be empty. There are three + important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types + of objects, dataSourceRef allows any non-core + object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping + them), dataSourceRef preserves all values, and + generates an error if a disallowed value is specified. + * While dataSource only allows local objects, + dataSourceRef allows objects in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource + feature gate to be enabled. 
(Alpha) Using the + namespace field of dataSourceRef requires the + CrossNamespaceVolumeDataSource feature gate to + be enabled.' + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API + group. For any other third-party types, APIGroup + is required. + type: string + kind: + description: Kind is the type of resource being + referenced + type: string + name: + description: Name is the name of resource being + referenced + type: string + namespace: + description: Namespace is the namespace of resource + being referenced Note that when a namespace + is specified, a gateway.networking.k8s.io/ReferenceGrant + object is required in the referent namespace + to allow that namespace's owner to accept + the reference. See the ReferenceGrant documentation + for details. (Alpha) This field requires the + CrossNamespaceVolumeDataSource feature gate + to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: 'resources represents the minimum resources + the volume should have. If RecoverVolumeExpansionFailure + feature is enabled users are allowed to specify + resource requirements that are lower than previous + value but must still be higher than capacity recorded + in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + properties: + claims: + description: "Claims lists the names of resources, + defined in spec.resourceClaims, that are used + by this container. \n This is an alpha field + and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable." + items: + description: ResourceClaim references one + entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name + of one entry in pod.spec.resourceClaims + of the Pod where this field is used. 
+ It makes that resource available inside + a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum + amount of compute resources required. If Requests + is omitted for a container, it defaults to + Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: selector is a label query over volumes + to consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. 
If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: 'storageClassName is the name of the + StorageClass required by the claim. More info: + https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume + is required by the claim. Value of Filesystem + is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference + to the PersistentVolume backing this claim. + type: string + type: object + required: + - spec + type: object + type: object + fc: + description: fc represents a Fibre Channel resource that is + attached to a kubelet's host machine and then exposed to the + pod. + properties: + fsType: + description: 'fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. TODO: how do we prevent errors in the + filesystem from compromising the machine' + type: string + lun: + description: 'lun is Optional: FC target lun number' + format: int32 + type: integer + readOnly: + description: 'readOnly is Optional: Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts.' 
+ type: boolean + targetWWNs: + description: 'targetWWNs is Optional: FC target worldwide + names (WWNs)' + items: + type: string + type: array + wwids: + description: 'wwids Optional: FC volume world wide identifiers + (wwids) Either wwids or combination of targetWWNs and + lun must be set, but not both simultaneously.' + items: + type: string + type: array + type: object + flexVolume: + description: flexVolume represents a generic volume resource + that is provisioned/attached using an exec based plugin. + properties: + driver: + description: driver is the name of the driver to use for + this volume. + type: string + fsType: + description: fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". The default filesystem depends + on FlexVolume script. + type: string + options: + additionalProperties: + type: string + description: 'options is Optional: this field holds extra + command options if any.' + type: object + readOnly: + description: 'readOnly is Optional: defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts.' + type: boolean + secretRef: + description: 'secretRef is Optional: secretRef is reference + to the secret object containing sensitive information + to pass to the plugin scripts. This may be empty if no + secret object is specified. If the secret object contains + more than one secret, all secrets are passed to the plugin + scripts.' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - driver + type: object + flocker: + description: flocker represents a Flocker volume attached to + a kubelet's host machine. 
This depends on the Flocker control + service being running + properties: + datasetName: + description: datasetName is Name of the dataset stored as + metadata -> name on the dataset for Flocker should be + considered as deprecated + type: string + datasetUUID: + description: datasetUUID is the UUID of the dataset. This + is unique identifier of a Flocker dataset + type: string + type: object + gcePersistentDisk: + description: 'gcePersistentDisk represents a GCE Disk resource + that is attached to a kubelet''s host machine and then exposed + to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + properties: + fsType: + description: 'fsType is filesystem type of the volume that + you want to mount. Tip: Ensure that the filesystem type + is supported by the host operating system. Examples: "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + partition: + description: 'partition is the partition in the volume that + you want to mount. If omitted, the default is to mount + by volume name. Examples: For volume /dev/sda1, you specify + the partition as "1". Similarly, the volume partition + for /dev/sda is "0" (or you can leave the property empty). + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + format: int32 + type: integer + pdName: + description: 'pdName is unique name of the PD resource in + GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: string + readOnly: + description: 'readOnly here will force the ReadOnly setting + in VolumeMounts. Defaults to false. 
More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: boolean + required: + - pdName + type: object + gitRepo: + description: 'gitRepo represents a git repository at a particular + revision. DEPRECATED: GitRepo is deprecated. To provision + a container with a git repo, mount an EmptyDir into an InitContainer + that clones the repo using git, then mount the EmptyDir into + the Pod''s container.' + properties: + directory: + description: directory is the target directory name. Must + not contain or start with '..'. If '.' is supplied, the + volume directory will be the git repository. Otherwise, + if specified, the volume will contain the git repository + in the subdirectory with the given name. + type: string + repository: + description: repository is the URL + type: string + revision: + description: revision is the commit hash for the specified + revision. + type: string + required: + - repository + type: object + glusterfs: + description: 'glusterfs represents a Glusterfs mount on the + host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' + properties: + endpoints: + description: 'endpoints is the endpoint name that details + Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + path: + description: 'path is the Glusterfs volume path. More info: + https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + readOnly: + description: 'readOnly here will force the Glusterfs volume + to be mounted with read-only permissions. Defaults to + false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: boolean + required: + - endpoints + - path + type: object + hostPath: + description: 'hostPath represents a pre-existing file or directory + on the host machine that is directly exposed to the container. 
+ This is generally used for system agents or other privileged + things that are allowed to see the host machine. Most containers + will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- TODO(jonesdl) We need to restrict who can use host directory + mounts and who can/can not mount host directories as read/write.' + properties: + path: + description: 'path of the directory on the host. If the + path is a symlink, it will follow the link to the real + path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + type: + description: 'type for HostPath Volume Defaults to "" More + info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + required: + - path + type: object + iscsi: + description: 'iscsi represents an ISCSI Disk resource that is + attached to a kubelet''s host machine and then exposed to + the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' + properties: + chapAuthDiscovery: + description: chapAuthDiscovery defines whether support iSCSI + Discovery CHAP authentication + type: boolean + chapAuthSession: + description: chapAuthSession defines whether support iSCSI + Session CHAP authentication + type: boolean + fsType: + description: 'fsType is the filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + initiatorName: + description: initiatorName is the custom iSCSI Initiator + Name. If initiatorName is specified with iscsiInterface + simultaneously, new iSCSI interface : will be created for the connection. + type: string + iqn: + description: iqn is the target iSCSI Qualified Name. 
+ type: string + iscsiInterface: + description: iscsiInterface is the interface Name that uses + an iSCSI transport. Defaults to 'default' (tcp). + type: string + lun: + description: lun represents iSCSI Target Lun number. + format: int32 + type: integer + portals: + description: portals is the iSCSI Target Portal List. The + portal is either an IP or ip_addr:port if the port is + other than default (typically TCP ports 860 and 3260). + items: + type: string + type: array + readOnly: + description: readOnly here will force the ReadOnly setting + in VolumeMounts. Defaults to false. + type: boolean + secretRef: + description: secretRef is the CHAP Secret for iSCSI target + and initiator authentication + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + description: targetPortal is iSCSI Target Portal. The Portal + is either an IP or ip_addr:port if the port is other than + default (typically TCP ports 860 and 3260). + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + description: 'name of the volume. Must be a DNS_LABEL and unique + within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + nfs: + description: 'nfs represents an NFS mount on the host that shares + a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + properties: + path: + description: 'path that is exported by the NFS server. More + info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + readOnly: + description: 'readOnly here will force the NFS export to + be mounted with read-only permissions. Defaults to false. 
+ More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: boolean + server: + description: 'server is the hostname or IP address of the + NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + description: 'persistentVolumeClaimVolumeSource represents a + reference to a PersistentVolumeClaim in the same namespace. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + claimName: + description: 'claimName is the name of a PersistentVolumeClaim + in the same namespace as the pod using this volume. More + info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + type: string + readOnly: + description: readOnly Will force the ReadOnly setting in + VolumeMounts. Default false. + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + description: photonPersistentDisk represents a PhotonController + persistent disk attached and mounted on kubelets host machine + properties: + fsType: + description: fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + pdID: + description: pdID is the ID that identifies Photon Controller + persistent disk + type: string + required: + - pdID + type: object + portworxVolume: + description: portworxVolume represents a portworx volume attached + and mounted on kubelets host machine + properties: + fsType: + description: fSType represents the filesystem type to mount + Must be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + readOnly: + description: readOnly defaults to false (read/write). 
ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + volumeID: + description: volumeID uniquely identifies a Portworx volume + type: string + required: + - volumeID + type: object + projected: + description: projected items for all in one resources secrets, + configmaps, and downward API + properties: + defaultMode: + description: defaultMode are the mode bits used to set permissions + on created files by default. Must be an octal value between + 0000 and 0777 or a decimal value between 0 and 511. YAML + accepts both octal and decimal values, JSON requires decimal + values for mode bits. Directories within the path are + not affected by this setting. This might be in conflict + with other options that affect the file mode, like fsGroup, + and the result can be other mode bits set. + format: int32 + type: integer + sources: + description: sources is the list of volume projections + items: + description: Projection that may be projected along with + other supported volume types + properties: + configMap: + description: configMap information about the configMap + data to project + properties: + items: + description: items if unspecified, each key-value + pair in the Data field of the referenced ConfigMap + will be projected into the volume as a file + whose name is the key and content is the value. + If specified, the listed keys will be projected + into the specified paths, and unlisted keys + will not be present. If a key is specified which + is not present in the ConfigMap, the volume + setup will error unless it is marked optional. + Paths must be relative and may not contain the + '..' path or start with '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits + used to set permissions on this file. + Must be an octal value between 0000 and + 0777 or a decimal value between 0 and + 511. 
YAML accepts both octal and decimal + values, JSON requires decimal values for + mode bits. If not specified, the volume + defaultMode will be used. This might be + in conflict with other options that affect + the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path of + the file to map the key to. May not be + an absolute path. May not contain the + path element '..'. May not start with + the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: optional specify whether the ConfigMap + or its keys must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + description: downwardAPI information about the downwardAPI + data to project + properties: + items: + description: Items is a list of DownwardAPIVolume + file + items: + description: DownwardAPIVolumeFile represents + information to create the file containing + the pod field + properties: + fieldRef: + description: 'Required: Selects a field + of the pod: only annotations, labels, + name and namespace are supported.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, + defaults to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: 'Optional: mode bits used to + set permissions on this file, must be + an octal value between 0000 and 0777 or + a decimal value between 0 and 511. YAML + accepts both octal and decimal values, + JSON requires decimal values for mode + bits. 
If not specified, the volume defaultMode + will be used. This might be in conflict + with other options that affect the file + mode, like fsGroup, and the result can + be other mode bits set.' + format: int32 + type: integer + path: + description: 'Required: Path is the relative + path name of the file to be created. Must + not be absolute or contain the ''..'' + path. Must be utf-8 encoded. The first + item of the relative path must not start + with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of the + container: only resources limits and requests + (limits.cpu, limits.memory, requests.cpu + and requests.memory) are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults + to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to + select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + description: secret information about the secret data + to project + properties: + items: + description: items if unspecified, each key-value + pair in the Data field of the referenced Secret + will be projected into the volume as a file + whose name is the key and content is the value. + If specified, the listed keys will be projected + into the specified paths, and unlisted keys + will not be present. If a key is specified which + is not present in the Secret, the volume setup + will error unless it is marked optional. Paths + must be relative and may not contain the '..' + path or start with '..'. 
+ items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits + used to set permissions on this file. + Must be an octal value between 0000 and + 0777 or a decimal value between 0 and + 511. YAML accepts both octal and decimal + values, JSON requires decimal values for + mode bits. If not specified, the volume + defaultMode will be used. This might be + in conflict with other options that affect + the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path of + the file to map the key to. May not be + an absolute path. May not contain the + path element '..'. May not start with + the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: optional field specify whether the + Secret or its key must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + description: serviceAccountToken is information about + the serviceAccountToken data to project + properties: + audience: + description: audience is the intended audience + of the token. A recipient of a token must identify + itself with an identifier specified in the audience + of the token, and otherwise should reject the + token. The audience defaults to the identifier + of the apiserver. + type: string + expirationSeconds: + description: expirationSeconds is the requested + duration of validity of the service account + token. As the token approaches expiration, the + kubelet volume plugin will proactively rotate + the service account token. 
The kubelet will + start trying to rotate the token if the token + is older than 80 percent of its time to live + or if the token is older than 24 hours.Defaults + to 1 hour and must be at least 10 minutes. + format: int64 + type: integer + path: + description: path is the path relative to the + mount point of the file to project the token + into. + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + description: quobyte represents a Quobyte mount on the host + that shares a pod's lifetime + properties: + group: + description: group to map volume access to Default is no + group + type: string + readOnly: + description: readOnly here will force the Quobyte volume + to be mounted with read-only permissions. Defaults to + false. + type: boolean + registry: + description: registry represents a single or multiple Quobyte + Registry services specified as a string as host:port pair + (multiple entries are separated with commas) which acts + as the central registry for volumes + type: string + tenant: + description: tenant owning the given Quobyte volume in the + Backend Used with dynamically provisioned Quobyte volumes, + value is set by the plugin + type: string + user: + description: user to map volume access to Defaults to serivceaccount + user + type: string + volume: + description: volume is a string that references an already + created Quobyte volume by name. + type: string + required: + - registry + - volume + type: object + rbd: + description: 'rbd represents a Rados Block Device mount on the + host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md' + properties: + fsType: + description: 'fsType is the filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. 
More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + image: + description: 'image is the rados image name. More info: + https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + keyring: + description: 'keyring is the path to key ring for RBDUser. + Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + monitors: + description: 'monitors is a collection of Ceph monitors. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + items: + type: string + type: array + pool: + description: 'pool is the rados pool name. Default is rbd. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + readOnly: + description: 'readOnly here will force the ReadOnly setting + in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: boolean + secretRef: + description: 'secretRef is name of the authentication secret + for RBDUser. If provided overrides keyring. Default is + nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + user: + description: 'user is the rados user name. Default is admin. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + required: + - image + - monitors + type: object + scaleIO: + description: scaleIO represents a ScaleIO persistent volume + attached and mounted on Kubernetes nodes. + properties: + fsType: + description: fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. 
+ Ex. "ext4", "xfs", "ntfs". Default is "xfs". + type: string + gateway: + description: gateway is the host address of the ScaleIO + API Gateway. + type: string + protectionDomain: + description: protectionDomain is the name of the ScaleIO + Protection Domain for the configured storage. + type: string + readOnly: + description: readOnly Defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: secretRef references to the secret for ScaleIO + user and other sensitive information. If this is not provided, + Login operation will fail. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + description: sslEnabled Flag enable/disable SSL communication + with Gateway, default false + type: boolean + storageMode: + description: storageMode indicates whether the storage for + a volume should be ThickProvisioned or ThinProvisioned. + Default is ThinProvisioned. + type: string + storagePool: + description: storagePool is the ScaleIO Storage Pool associated + with the protection domain. + type: string + system: + description: system is the name of the storage system as + configured in ScaleIO. + type: string + volumeName: + description: volumeName is the name of a volume already + created in the ScaleIO system that is associated with + this volume source. + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + description: 'secret represents a secret that should populate + this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + properties: + defaultMode: + description: 'defaultMode is Optional: mode bits used to + set permissions on created files by default. 
Must be an + octal value between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. Defaults to + 0644. Directories within the path are not affected by + this setting. This might be in conflict with other options + that affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + items: + description: items If unspecified, each key-value pair in + the Data field of the referenced Secret will be projected + into the volume as a file whose name is the key and content + is the value. If specified, the listed keys will be projected + into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in + the Secret, the volume setup will error unless it is marked + optional. Paths must be relative and may not contain the + '..' path or start with '..'. + items: + description: Maps a string key to a path within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits used to + set permissions on this file. Must be an octal value + between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. If not + specified, the volume defaultMode will be used. + This might be in conflict with other options that + affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path of the file + to map the key to. May not be an absolute path. + May not contain the path element '..'. May not start + with the string '..'. 
+ type: string + required: + - key + - path + type: object + type: array + optional: + description: optional field specify whether the Secret or + its keys must be defined + type: boolean + secretName: + description: 'secretName is the name of the secret in the + pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + type: string + type: object + storageos: + description: storageOS represents a StorageOS volume attached + and mounted on Kubernetes nodes. + properties: + fsType: + description: fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + readOnly: + description: readOnly defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: secretRef specifies the secret to use for obtaining + the StorageOS API credentials. If not specified, default + values will be attempted. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + description: volumeName is the human-readable name of the + StorageOS volume. Volume names are only unique within + a namespace. + type: string + volumeNamespace: + description: volumeNamespace specifies the scope of the + volume within StorageOS. If no namespace is specified + then the Pod's namespace will be used. This allows the + Kubernetes name scoping to be mirrored within StorageOS + for tighter integration. Set VolumeName to any name to + override the default behaviour. Set to "default" if you + are not using namespaces within StorageOS. Namespaces + that do not pre-exist within StorageOS will be created. 
+ type: string + type: object + vsphereVolume: + description: vsphereVolume represents a vSphere volume attached + and mounted on kubelets host machine + properties: + fsType: + description: fsType is filesystem type to mount. Must be + a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + storagePolicyID: + description: storagePolicyID is the storage Policy Based + Management (SPBM) profile ID associated with the StoragePolicyName. + type: string + storagePolicyName: + description: storagePolicyName is the storage Policy Based + Management (SPBM) profile name. + type: string + volumePath: + description: volumePath is the path that identifies vSphere + volume vmdk + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + web: + description: Defines the web command line flags when starting Alertmanager. + properties: + httpConfig: + description: Defines HTTP parameters for web server. + properties: + headers: + description: List of headers that can be added to HTTP responses. + properties: + contentSecurityPolicy: + description: Set the Content-Security-Policy header to + HTTP responses. Unset if blank. + type: string + strictTransportSecurity: + description: Set the Strict-Transport-Security header + to HTTP responses. Unset if blank. Please make sure + that you use this with care as this header might force + browsers to load Prometheus and the other applications + hosted on the same domain and subdomains over HTTPS. + https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security + type: string + xContentTypeOptions: + description: Set the X-Content-Type-Options header to + HTTP responses. Unset if blank. Accepted value is nosniff. 
+ https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options + enum: + - "" + - NoSniff + type: string + xFrameOptions: + description: Set the X-Frame-Options header to HTTP responses. + Unset if blank. Accepted values are deny and sameorigin. + https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options + enum: + - "" + - Deny + - SameOrigin + type: string + xXSSProtection: + description: Set the X-XSS-Protection header to all responses. + Unset if blank. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection + type: string + type: object + http2: + description: Enable HTTP/2 support. Note that HTTP/2 is only + supported with TLS. When TLSConfig is not configured, HTTP/2 + will be disabled. Whenever the value of the field changes, + a rolling update will be triggered. + type: boolean + type: object + tlsConfig: + description: Defines the TLS parameters for HTTPS. + properties: + cert: + description: Contains the TLS certificate for the server. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' 
+ type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + cipherSuites: + description: 'List of supported cipher suites for TLS versions + up to TLS 1.2. If empty, Go default cipher suites are used. + Available cipher suites are documented in the go documentation: + https://golang.org/pkg/crypto/tls/#pkg-constants' + items: + type: string + type: array + client_ca: + description: Contains the CA certificate for client certificate + authentication to the server. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientAuthType: + description: 'Server policy for client authentication. Maps + to ClientAuth Policies. 
For more detail on clientAuth options: + https://golang.org/pkg/crypto/tls/#ClientAuthType' + type: string + curvePreferences: + description: 'Elliptic curves that will be used in an ECDHE + handshake, in preference order. Available curves are documented + in the go documentation: https://golang.org/pkg/crypto/tls/#CurveID' + items: + type: string + type: array + keySecret: + description: Secret containing the TLS key for the server. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + maxVersion: + description: Maximum TLS version that is acceptable. Defaults + to TLS13. + type: string + minVersion: + description: Minimum TLS version that is acceptable. Defaults + to TLS12. + type: string + preferServerCipherSuites: + description: Controls whether the server selects the client's + most preferred cipher suite, or the server's most preferred + cipher suite. If true then the server's preference, as expressed + in the order of elements in cipherSuites, is used. + type: boolean + required: + - cert + - keySecret + type: object + type: object + type: object + status: + description: 'Most recent observed status of the Alertmanager cluster. + Read-only. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + availableReplicas: + description: Total number of available pods (ready for at least minReadySeconds) + targeted by this Alertmanager cluster. 
+ format: int32 + type: integer + conditions: + description: The current state of the Alertmanager object. + items: + description: Condition represents the state of the resources associated + with the Prometheus or Alertmanager resource. + properties: + lastTransitionTime: + description: lastTransitionTime is the time of the last update + to the current status property. + format: date-time + type: string + message: + description: Human-readable message indicating details for the + condition's last transition. + type: string + observedGeneration: + description: ObservedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if `.metadata.generation` + is currently 12, but the `.status.conditions[].observedGeneration` + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + type: integer + reason: + description: Reason for the condition's last transition. + type: string + status: + description: Status of the condition. + type: string + type: + description: Type of the condition being reported. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + paused: + description: Represents whether any actions on the underlying managed + objects are being performed. Only delete actions will be performed. + type: boolean + replicas: + description: Total number of non-terminated pods targeted by this + Alertmanager object (their labels match the selector). + format: int32 + type: integer + unavailableReplicas: + description: Total number of unavailable pods targeted by this Alertmanager + object. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated pods targeted by this + Alertmanager object that have the desired version spec. 
+ format: int32 + type: integer + required: + - availableReplicas + - paused + - replicas + - unavailableReplicas + - updatedReplicas + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/rancher-monitoring-crd/103.0.3+up45.31.1/crd-manifest/crd-podmonitors.yaml b/charts/rancher-monitoring-crd/103.0.3+up45.31.1/crd-manifest/crd-podmonitors.yaml new file mode 100644 index 000000000..f3dfc4284 --- /dev/null +++ b/charts/rancher-monitoring-crd/103.0.3+up45.31.1/crd-manifest/crd-podmonitors.yaml 
@@ -0,0 +1,666 @@ +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.63.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: podmonitors.monitoring.coreos.com +spec: + group: monitoring.coreos.com + names: + categories: + - prometheus-operator + kind: PodMonitor + listKind: PodMonitorList + plural: podmonitors + shortNames: + - pmon + singular: podmonitor + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: PodMonitor defines monitoring for a set of pods. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Specification of desired Pod selection for target discovery + by Prometheus. + properties: + attachMetadata: + description: Attaches node metadata to discovered targets. Requires + Prometheus v2.35.0 and above. + properties: + node: + description: When set to true, Prometheus must have permissions + to get Nodes. + type: boolean + type: object + jobLabel: + description: The label to use to retrieve the job name from. 
+ type: string + labelLimit: + description: Per-scrape limit on number of labels that will be accepted + for a sample. Only valid in Prometheus versions 2.27.0 and newer. + format: int64 + type: integer + labelNameLengthLimit: + description: Per-scrape limit on length of labels name that will be + accepted for a sample. Only valid in Prometheus versions 2.27.0 + and newer. + format: int64 + type: integer + labelValueLengthLimit: + description: Per-scrape limit on length of labels value that will + be accepted for a sample. Only valid in Prometheus versions 2.27.0 + and newer. + format: int64 + type: integer + namespaceSelector: + description: Selector to select which namespaces the Endpoints objects + are discovered from. + properties: + any: + description: Boolean describing whether all namespaces are selected + in contrast to a list restricting them. + type: boolean + matchNames: + description: List of namespace names to select from. + items: + type: string + type: array + type: object + podMetricsEndpoints: + description: A list of endpoints allowed as part of this PodMonitor. + items: + description: PodMetricsEndpoint defines a scrapeable endpoint of + a Kubernetes Pod serving Prometheus metrics. + properties: + authorization: + description: Authorization section for this endpoint + properties: + credentials: + description: The secret's key that contains the credentials + of the request + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: + description: Set the authentication type. 
Defaults to Bearer, + Basic will cause an error + type: string + type: object + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication. More info: https://prometheus.io/docs/operating/configuration/#endpoint' + properties: + password: + description: The secret in the service monitor namespace + that contains the password for authentication. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: The secret in the service monitor namespace + that contains the username for authentication. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenSecret: + description: Secret to mount to read bearer token for scraping + targets. The secret needs to be in the same namespace as the + pod monitor and accessible by the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + enableHttp2: + description: Whether to enable HTTP2. + type: boolean + filterRunning: + description: 'Drop pods that are not running. (Failed, Succeeded). + Enabled by default. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-phase' + type: boolean + followRedirects: + description: FollowRedirects configures whether scrape requests + follow HTTP 3xx redirects. + type: boolean + honorLabels: + description: HonorLabels chooses the metric's labels on collisions + with target labels. + type: boolean + honorTimestamps: + description: HonorTimestamps controls whether Prometheus respects + the timestamps present in scraped data. + type: boolean + interval: + description: Interval at which metrics should be scraped If + not specified Prometheus' global scrape interval is used. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + metricRelabelings: + description: MetricRelabelConfigs to apply to samples before + ingestion. + items: + description: 'RelabelConfig allows dynamic rewriting of the + label set, being applied to samples before ingestion. It + defines ``-section of Prometheus + configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + default: replace + description: Action to perform based on regex matching. + Default is 'replace'. uppercase and lowercase actions + require Prometheus >= 2.36. 
+ enum: + - replace + - Replace + - keep + - Keep + - drop + - Drop + - hashmod + - HashMod + - labelmap + - LabelMap + - labeldrop + - LabelDrop + - labelkeep + - LabelKeep + - lowercase + - Lowercase + - uppercase + - Uppercase + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. Default is '(.*)' + type: string + replacement: + description: Replacement value against which a regex replace + is performed if the regular expression matches. Regex + capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular + expression for the replace, keep, and drop actions. + items: + description: LabelName is a valid Prometheus label name + which may only contain ASCII letters, numbers, as + well as underscores. + pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: object + type: array + oauth2: + description: OAuth2 for the URL. Only valid in Prometheus versions + 2.27.0 and newer. + properties: + clientId: + description: The secret or configmap containing the OAuth2 + client id + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientSecret: + description: The secret containing the OAuth2 client secret + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' 
+ type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + endpointParams: + additionalProperties: + type: string + description: Parameters to append to the token URL + type: object + scopes: + description: OAuth2 scopes used for the token request + items: + type: string + type: array + tokenUrl: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + params: + additionalProperties: + items: + type: string + type: array + description: Optional HTTP URL parameters + type: object + path: + description: HTTP path to scrape for metrics. If empty, Prometheus + uses the default value (e.g. `/metrics`). + type: string + port: + description: Name of the pod port this endpoint refers to. Mutually + exclusive with targetPort. + type: string + proxyUrl: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes + to proxy through this endpoint. + type: string + relabelings: + description: 'RelabelConfigs to apply to samples before scraping. + Prometheus Operator automatically adds relabelings for a few + standard Kubernetes fields. The original scrape job''s name + is available via the `__tmp_prometheus_job_name` label. More + info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config' + items: + description: 'RelabelConfig allows dynamic rewriting of the + label set, being applied to samples before ingestion. It + defines ``-section of Prometheus + configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + default: replace + description: Action to perform based on regex matching. + Default is 'replace'. uppercase and lowercase actions + require Prometheus >= 2.36. 
+ enum: + - replace + - Replace + - keep + - Keep + - drop + - Drop + - hashmod + - HashMod + - labelmap + - LabelMap + - labeldrop + - LabelDrop + - labelkeep + - LabelKeep + - lowercase + - Lowercase + - uppercase + - Uppercase + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. Default is '(.*)' + type: string + replacement: + description: Replacement value against which a regex replace + is performed if the regular expression matches. Regex + capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular + expression for the replace, keep, and drop actions. + items: + description: LabelName is a valid Prometheus label name + which may only contain ASCII letters, numbers, as + well as underscores. + pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: object + type: array + scheme: + description: HTTP scheme to use for scraping. + type: string + scrapeTimeout: + description: Timeout after which the scrape is ended If not + specified, the Prometheus global scrape interval is used. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + targetPort: + anyOf: + - type: integer + - type: string + description: 'Deprecated: Use ''port'' instead.' 
+ x-kubernetes-int-or-string: true + tlsConfig: + description: TLS configuration to use when scraping the endpoint. + properties: + ca: + description: Certificate authority used when verifying server + certificates. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + cert: + description: Client certificate to present when doing client-authentication. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' 
+ type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + type: object + type: array + podTargetLabels: + description: PodTargetLabels transfers labels on the Kubernetes Pod + onto the target. + items: + type: string + type: array + sampleLimit: + description: SampleLimit defines per-scrape limit on number of scraped + samples that will be accepted. + format: int64 + type: integer + selector: + description: Selector to select Pod objects. 
+ properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + targetLimit: + description: TargetLimit defines a limit on the number of scraped + targets that will be accepted. + format: int64 + type: integer + required: + - podMetricsEndpoints + - selector + type: object + required: + - spec + type: object + served: true + storage: true diff --git a/charts/rancher-monitoring-crd/103.0.3+up45.31.1/crd-manifest/crd-probes.yaml b/charts/rancher-monitoring-crd/103.0.3+up45.31.1/crd-manifest/crd-probes.yaml new file mode 100644 index 000000000..a20c6ff06 --- /dev/null +++ b/charts/rancher-monitoring-crd/103.0.3+up45.31.1/crd-manifest/crd-probes.yaml 
@@ -0,0 +1,705 @@ +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.63.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: probes.monitoring.coreos.com +spec: + group: monitoring.coreos.com + names: + categories: + - prometheus-operator + kind: Probe + listKind: ProbeList + plural: probes + shortNames: + - prb + singular: probe + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: Probe defines monitoring for a set of static targets or ingresses. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Specification of desired Ingress selection for target discovery + by Prometheus. + properties: + authorization: + description: Authorization section for this endpoint + properties: + credentials: + description: The secret's key that contains the credentials of + the request + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + description: 'Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: + description: Set the authentication type. Defaults to Bearer, + Basic will cause an error + type: string + type: object + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over basic + authentication. More info: https://prometheus.io/docs/operating/configuration/#endpoint' + properties: + password: + description: The secret in the service monitor namespace that + contains the password for authentication. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: The secret in the service monitor namespace that + contains the username for authentication. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenSecret: + description: Secret to mount to read bearer token for scraping targets. 
+ The secret needs to be in the same namespace as the probe and accessible + by the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + interval: + description: Interval at which targets are probed using the configured + prober. If not specified Prometheus' global scrape interval is used. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + jobName: + description: The job name assigned to scraped metrics by default. + type: string + labelLimit: + description: Per-scrape limit on number of labels that will be accepted + for a sample. Only valid in Prometheus versions 2.27.0 and newer. + format: int64 + type: integer + labelNameLengthLimit: + description: Per-scrape limit on length of labels name that will be + accepted for a sample. Only valid in Prometheus versions 2.27.0 + and newer. + format: int64 + type: integer + labelValueLengthLimit: + description: Per-scrape limit on length of labels value that will + be accepted for a sample. Only valid in Prometheus versions 2.27.0 + and newer. + format: int64 + type: integer + metricRelabelings: + description: MetricRelabelConfigs to apply to samples before ingestion. + items: + description: 'RelabelConfig allows dynamic rewriting of the label + set, being applied to samples before ingestion. It defines ``-section + of Prometheus configuration. 
More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + default: replace + description: Action to perform based on regex matching. Default + is 'replace'. uppercase and lowercase actions require Prometheus + >= 2.36. + enum: + - replace + - Replace + - keep + - Keep + - drop + - Drop + - hashmod + - HashMod + - labelmap + - LabelMap + - labeldrop + - LabelDrop + - labelkeep + - LabelKeep + - lowercase + - Lowercase + - uppercase + - Uppercase + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. Default is '(.*)' + type: string + replacement: + description: Replacement value against which a regex replace + is performed if the regular expression matches. Regex capture + groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source label + values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing labels. + Their content is concatenated using the configured separator + and matched against the configured regular expression for + the replace, keep, and drop actions. + items: + description: LabelName is a valid Prometheus label name which + may only contain ASCII letters, numbers, as well as underscores. + pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + type: string + type: array + targetLabel: + description: Label to which the resulting value is written in + a replace action. It is mandatory for replace actions. Regex + capture groups are available. + type: string + type: object + type: array + module: + description: 'The module to use for probing specifying how to probe + the target. 
Example module configuring in the blackbox exporter: + https://github.com/prometheus/blackbox_exporter/blob/master/example.yml' + type: string + oauth2: + description: OAuth2 for the URL. Only valid in Prometheus versions + 2.27.0 and newer. + properties: + clientId: + description: The secret or configmap containing the OAuth2 client + id + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientSecret: + description: The secret containing the OAuth2 client secret + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' 
+ type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + endpointParams: + additionalProperties: + type: string + description: Parameters to append to the token URL + type: object + scopes: + description: OAuth2 scopes used for the token request + items: + type: string + type: array + tokenUrl: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + prober: + description: Specification for the prober to use for probing targets. + The prober.URL parameter is required. Targets cannot be probed if + left empty. + properties: + path: + default: /probe + description: Path to collect metrics from. Defaults to `/probe`. + type: string + proxyUrl: + description: Optional ProxyURL. + type: string + scheme: + description: HTTP scheme to use for scraping. Defaults to `http`. + type: string + url: + description: Mandatory URL of the prober. + type: string + required: + - url + type: object + sampleLimit: + description: SampleLimit defines per-scrape limit on number of scraped + samples that will be accepted. + format: int64 + type: integer + scrapeTimeout: + description: Timeout for scraping metrics from the Prometheus exporter. + If not specified, the Prometheus global scrape interval is used. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + targetLimit: + description: TargetLimit defines a limit on the number of scraped + targets that will be accepted. + format: int64 + type: integer + targets: + description: Targets defines a set of static or dynamically discovered + targets to probe. + properties: + ingress: + description: ingress defines the Ingress objects to probe and + the relabeling configuration. If `staticConfig` is also defined, + `staticConfig` takes precedence. 
+ properties: + namespaceSelector: + description: From which namespaces to select Ingress objects. + properties: + any: + description: Boolean describing whether all namespaces + are selected in contrast to a list restricting them. + type: boolean + matchNames: + description: List of namespace names to select from. + items: + type: string + type: array + type: object + relabelingConfigs: + description: 'RelabelConfigs to apply to the label set of + the target before it gets scraped. The original ingress + address is available via the `__tmp_prometheus_ingress_address` + label. It can be used to customize the probed URL. The original + scrape job''s name is available via the `__tmp_prometheus_job_name` + label. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config' + items: + description: 'RelabelConfig allows dynamic rewriting of + the label set, being applied to samples before ingestion. + It defines ``-section of Prometheus + configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + default: replace + description: Action to perform based on regex matching. + Default is 'replace'. uppercase and lowercase actions + require Prometheus >= 2.36. + enum: + - replace + - Replace + - keep + - Keep + - drop + - Drop + - hashmod + - HashMod + - labelmap + - LabelMap + - labeldrop + - LabelDrop + - labelkeep + - LabelKeep + - lowercase + - Lowercase + - uppercase + - Uppercase + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. Default is '(.*)' + type: string + replacement: + description: Replacement value against which a regex + replace is performed if the regular expression matches. + Regex capture groups are available. 
Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular + expression for the replace, keep, and drop actions. + items: + description: LabelName is a valid Prometheus label + name which may only contain ASCII letters, numbers, + as well as underscores. + pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: object + type: array + selector: + description: Selector to select the Ingress objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists or + DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. 
+ A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + type: object + staticConfig: + description: 'staticConfig defines the static list of targets + to probe and the relabeling configuration. If `ingress` is also + defined, `staticConfig` takes precedence. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#static_config.' + properties: + labels: + additionalProperties: + type: string + description: Labels assigned to all metrics scraped from the + targets. + type: object + relabelingConfigs: + description: 'RelabelConfigs to apply to the label set of + the targets before it gets scraped. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config' + items: + description: 'RelabelConfig allows dynamic rewriting of + the label set, being applied to samples before ingestion. + It defines ``-section of Prometheus + configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + default: replace + description: Action to perform based on regex matching. + Default is 'replace'. uppercase and lowercase actions + require Prometheus >= 2.36. + enum: + - replace + - Replace + - keep + - Keep + - drop + - Drop + - hashmod + - HashMod + - labelmap + - LabelMap + - labeldrop + - LabelDrop + - labelkeep + - LabelKeep + - lowercase + - Lowercase + - uppercase + - Uppercase + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. 
Default is '(.*)' + type: string + replacement: + description: Replacement value against which a regex + replace is performed if the regular expression matches. + Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular + expression for the replace, keep, and drop actions. + items: + description: LabelName is a valid Prometheus label + name which may only contain ASCII letters, numbers, + as well as underscores. + pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: object + type: array + static: + description: The list of hosts to probe. + items: + type: string + type: array + type: object + type: object + tlsConfig: + description: TLS configuration to use when scraping the endpoint. + properties: + ca: + description: Certificate authority used when verifying server + certificates. + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. 
+ properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + cert: + description: Client certificate to present when doing client-authentication. + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key file for the targets. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. 
+ type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + type: object + required: + - spec + type: object + served: true + storage: true diff --git a/charts/rancher-monitoring-crd/103.0.3+up45.31.1/crd-manifest/crd-prometheuses.yaml b/charts/rancher-monitoring-crd/103.0.3+up45.31.1/crd-manifest/crd-prometheuses.yaml new file mode 100644 index 000000000..92c42c633 --- /dev/null +++ b/charts/rancher-monitoring-crd/103.0.3+up45.31.1/crd-manifest/crd-prometheuses.yaml 
@@ -0,0 +1,9177 @@ +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.63.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: prometheuses.monitoring.coreos.com +spec: + group: monitoring.coreos.com + names: + categories: + - prometheus-operator + kind: Prometheus + listKind: PrometheusList + plural: prometheuses + shortNames: + - prom + singular: prometheus + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The version of Prometheus + jsonPath: .spec.version + name: Version + type: string + - description: The number of desired replicas + jsonPath: .spec.replicas + name: Desired + type: integer + - description: The number of ready replicas + jsonPath: .status.availableReplicas + name: Ready + type: integer + - jsonPath: .status.conditions[?(@.type == 'Reconciled')].status + name: Reconciled + type: string + - jsonPath: .status.conditions[?(@.type == 'Available')].status + name: Available + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Whether the resource reconciliation is paused or not + jsonPath: .status.paused + name: Paused + priority: 1 + type: boolean + name: v1 + schema: + openAPIV3Schema: + description: Prometheus defines a Prometheus deployment. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. 
Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: 'Specification of the desired behavior of the Prometheus + cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + additionalAlertManagerConfigs: + description: 'AdditionalAlertManagerConfigs allows specifying a key + of a Secret containing additional Prometheus AlertManager configurations. + AlertManager configurations specified are appended to the configurations + generated by the Prometheus Operator. Job configurations specified + must have the form as specified in the official Prometheus documentation: + https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alertmanager_config. + As AlertManager configs are appended, the user is responsible to + make sure it is valid. Note that using this feature may expose the + possibility to break upgrades of Prometheus. It is advised to review + Prometheus release notes to ensure that no incompatible AlertManager + configs are going to break Prometheus after the upgrade.' + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' 
+ type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + additionalAlertRelabelConfigs: + description: 'AdditionalAlertRelabelConfigs allows specifying a key + of a Secret containing additional Prometheus alert relabel configurations. + Alert relabel configurations specified are appended to the configurations + generated by the Prometheus Operator. Alert relabel configurations + specified must have the form as specified in the official Prometheus + documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs. + As alert relabel configs are appended, the user is responsible to + make sure it is valid. Note that using this feature may expose the + possibility to break upgrades of Prometheus. It is advised to review + Prometheus release notes to ensure that no incompatible alert relabel + configs are going to break Prometheus after the upgrade.' + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + additionalArgs: + description: AdditionalArgs allows setting additional arguments for + the Prometheus container. It is intended for e.g. activating hidden + flags which are not supported by the dedicated configuration options + yet. The arguments are passed as-is to the Prometheus container + which may cause issues if they are invalid or not supported by the + given Prometheus version. In case of an argument conflict (e.g. 
+ an argument which is already set by the operator itself) or when + providing an invalid argument the reconciliation will fail and an + error will be logged. + items: + description: Argument as part of the AdditionalArgs list. + properties: + name: + description: Name of the argument, e.g. "scrape.discovery-reload-interval". + minLength: 1 + type: string + value: + description: Argument value, e.g. 30s. Can be empty for name-only + arguments (e.g. --storage.tsdb.no-lockfile) + type: string + required: + - name + type: object + type: array + additionalScrapeConfigs: + description: 'AdditionalScrapeConfigs allows specifying a key of a + Secret containing additional Prometheus scrape configurations. Scrape + configurations specified are appended to the configurations generated + by the Prometheus Operator. Job configurations specified must have + the form as specified in the official Prometheus documentation: + https://prometheus.io/docs/prometheus/latest/configuration/configuration/#scrape_config. + As scrape configs are appended, the user is responsible to make + sure it is valid. Note that using this feature may expose the possibility + to break upgrades of Prometheus. It is advised to review Prometheus + release notes to ensure that no incompatible scrape configs are + going to break Prometheus after the upgrade.' + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + affinity: + description: If specified, the pod's scheduling constraints. 
+ properties: + nodeAffinity: + description: Describes node affinity scheduling rules for the + pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to + nodes that satisfy the affinity expressions specified by + this field, but it may choose a node that violates one or + more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node matches + the corresponding matchExpressions; the node(s) with the + highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches + all objects with implicit weight 0 (i.e. it's a no-op). + A null preferred scheduling term matches no objects (i.e. + is also a no-op). + properties: + preference: + description: A node selector term, associated with the + corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. 
This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to an update), the system may or may not try to + eventually evict the pod from its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. + The terms are ORed. + items: + description: A null or empty node selector term matches + no objects. 
The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. 
+ items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + type: array + required: + - nodeSelectorTerms + type: object + x-kubernetes-map-type: atomic + type: object + podAffinity: + description: Describes pod affinity scheduling rules (e.g. co-locate + this pod in the same node, zone, etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to + nodes that satisfy the affinity expressions specified by + this field, but it may choose a node that violates one or + more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node has + pods which matches the corresponding podAffinityTerm; the + node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. 
Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. 
This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may + not try to eventually evict the pod from its node. 
When + there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms + must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of + pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. 
+ type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied to the + union of the namespaces selected by this field and + the ones listed in the namespaces field. null selector + and null or empty namespaces list means "this pod's + namespace". An empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace + names that the term applies to. The term is applied + to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. 
null or + empty namespaces list and null namespaceSelector means + "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of + any node on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules (e.g. + avoid putting this pod in the same node, zone, etc. as some + other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to + nodes that satisfy the anti-affinity expressions specified + by this field, but it may choose a node that violates one + or more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling anti-affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node has + pods which matches the corresponding podAffinityTerm; the + node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. 
The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. 
+ type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. 
+ format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will + not be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its + node. When there are multiple elements, the lists of nodes + corresponding to each podAffinityTerm are intersected, i.e. + all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of + pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. 
+ items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied to the + union of the namespaces selected by this field and + the ones listed in the namespaces field. null selector + and null or empty namespaces list means "this pod's + namespace". An empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. 
A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace + names that the term applies to. The term is applied + to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. null or + empty namespaces list and null namespaceSelector means + "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of + any node on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + alerting: + description: Define details regarding alerting. + properties: + alertmanagers: + description: AlertmanagerEndpoints Prometheus should fire alerts + against. + items: + description: AlertmanagerEndpoints defines a selection of a + single Endpoints object containing alertmanager IPs to fire + alerts against. + properties: + apiVersion: + description: Version of the Alertmanager API that Prometheus + uses to send alerts. It can be "v1" or "v2". + type: string + authorization: + description: Authorization section for this alertmanager + endpoint + properties: + credentials: + description: The secret's key that contains the credentials + of the request + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: + description: Set the authentication type. Defaults to + Bearer, Basic will cause an error + type: string + type: object + basicAuth: + description: BasicAuth allow an endpoint to authenticate + over basic authentication + properties: + password: + description: The secret in the service monitor namespace + that contains the password for authentication. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: The secret in the service monitor namespace + that contains the username for authentication. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: BearerTokenFile to read from filesystem to + use when authenticating to Alertmanager. 
+ type: string + enableHttp2: + description: Whether to enable HTTP2. + type: boolean + name: + description: Name of Endpoints object in Namespace. + type: string + namespace: + description: Namespace of Endpoints object. + type: string + pathPrefix: + description: Prefix for the HTTP path alerts are pushed + to. + type: string + port: + anyOf: + - type: integer + - type: string + description: Port the Alertmanager API is exposed on. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use when firing alerts. + type: string + timeout: + description: Timeout is a per-target Alertmanager timeout + when pushing alerts. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + tlsConfig: + description: TLS Config to use for alertmanager connection. + properties: + ca: + description: Certificate authority used when verifying + server certificates. + properties: + configMap: + description: ConfigMap containing data to use for + the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the + targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' 
+ type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the Prometheus container + to use for the targets. + type: string + cert: + description: Client certificate to present when doing + client-authentication. + properties: + configMap: + description: ConfigMap containing data to use for + the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the + targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the Prometheus + container for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the Prometheus + container for the targets. + type: string + keySecret: + description: Secret containing the client key file for + the targets. 
+ properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + required: + - name + - namespace + - port + type: object + type: array + required: + - alertmanagers + type: object + allowOverlappingBlocks: + description: AllowOverlappingBlocks enables vertical compaction and + vertical query merge in Prometheus. This is still experimental in + Prometheus so it may change in any upcoming release. + type: boolean + apiserverConfig: + description: APIServerConfig allows specifying a host and auth methods + to access apiserver. If left empty, Prometheus is assumed to run + inside of the cluster and will discover API servers automatically + and use the pod's CA certificate and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/. + properties: + authorization: + description: Authorization section for accessing apiserver + properties: + credentials: + description: The secret's key that contains the credentials + of the request + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' 
+ type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File to read a secret from, mutually exclusive + with Credentials (from SafeAuthorization) + type: string + type: + description: Set the authentication type. Defaults to Bearer, + Basic will cause an error + type: string + type: object + basicAuth: + description: BasicAuth allow an endpoint to authenticate over + basic authentication + properties: + password: + description: The secret in the service monitor namespace that + contains the password for authentication. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: The secret in the service monitor namespace that + contains the username for authentication. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerToken: + description: Bearer token for accessing apiserver. + type: string + bearerTokenFile: + description: File to read bearer token for accessing apiserver. 
+ type: string + host: + description: Host of apiserver. A valid string consisting of a + hostname or IP followed by an optional port number + type: string + tlsConfig: + description: TLS Config to use for accessing apiserver. + properties: + ca: + description: Certificate authority used when verifying server + certificates. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the Prometheus container + to use for the targets. + type: string + cert: + description: Client certificate to present when doing client-authentication. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. 
apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the Prometheus + container for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the Prometheus + container for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. 
+ type: string + type: object + required: + - host + type: object + arbitraryFSAccessThroughSMs: + description: ArbitraryFSAccessThroughSMs configures whether configuration + based on a service monitor can access arbitrary files on the file + system of the Prometheus container e.g. bearer token files. + properties: + deny: + type: boolean + type: object + baseImage: + description: 'Base image to use for a Prometheus deployment. Deprecated: + use ''image'' instead' + type: string + configMaps: + description: ConfigMaps is a list of ConfigMaps in the same namespace + as the Prometheus object, which shall be mounted into the Prometheus + Pods. Each ConfigMap is added to the StatefulSet definition as a + volume named `configmap-`. The ConfigMaps are mounted + into /etc/prometheus/configmaps/ in the 'prometheus' + container. + items: + type: string + type: array + containers: + description: 'Containers allows injecting additional containers or + modifying operator generated containers. This can be used to allow + adding an authentication proxy to a Prometheus pod or to change + the behavior of an operator generated container. Containers described + here modify an operator generated container if they share the same + name and modifications are done via a strategic merge patch. The + current container names are: `prometheus`, `config-reloader`, and + `thanos-sidecar`. Overriding containers is entirely outside the + scope of what the maintainers will support and by doing so, you + accept that this behaviour may break at any time without notice.' + items: + description: A single application container that you want to run + within a pod. + properties: + args: + description: 'Arguments to the entrypoint. The container image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will + be unchanged. 
Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references + will never be expanded, regardless of whether the variable + exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. + The container image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: + i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether + the variable exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be + a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in + the container and any service environment variables. + If a variable cannot be resolved, the reference in the + input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". 
Escaped references will never + be expanded, regardless of whether the variable exists + or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' 
+ properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be + a C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key + will take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set + of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. 
apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap must be + defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each + key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Actions that the management system should take + in response to container lifecycle events. Cannot be updated. + properties: + postStart: + description: 'PostStart is called immediately after a container + is created. If the handler fails, the container is terminated + and restarted according to its restart policy. Other management + of the container blocks until the hook completes. More + info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. 
+ properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward compatibility. + There are no validation of this field and lifecycle + hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' 
+ type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately before a container + is terminated due to an API request or management event + such as liveness/startup probe failure, preemption, resource + contention, etc. The handler is not called if the container + crashes or exits. The Pod''s termination grace period + countdown begins before the PreStop hook is executed. + Regardless of the outcome of the handler, the container + will eventually terminate within the Pod''s termination + grace period (unless delayed by finalizers). Other management + of the container blocks until the hook completes or until + the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. 
+ items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward compatibility. + There are no validation of this field and lifecycle + hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: 'Periodic probe of container liveness. Container + will be restarted if the probe fails. Cannot be updated. More + info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. 
+ The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is a beta field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. 
+ x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). 
This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + Cannot be updated. + type: string + ports: + description: List of ports to expose from the container. Not + specifying a port here DOES NOT prevent that port from being + exposed. Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Modifying this array with strategic merge patch may corrupt + the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. + Cannot be updated. + items: + description: ContainerPort represents a network port in a + single container. + properties: + containerPort: + description: Number of port to expose on the pod's IP + address. This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If + specified, this must be a valid port number, 0 < x < + 65536. If HostNetwork is specified, this must match + ContainerPort. Most containers do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod + must have a unique name. Name for the port that can + be referred to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be UDP, TCP, or SCTP. 
+ Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: 'Periodic probe of container service readiness. + Container will be removed from service endpoints if the probe + fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is a beta field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. 
You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. 
+ x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resources: + description: 'Compute Resources required by this container. + Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry + in pod.spec.resourceClaims of the Pod where this + field is used. It makes that resource available + inside a container. 
+ type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + securityContext: + description: 'SecurityContext defines the security options the + container should be run with. If set, the fields of SecurityContext + override the equivalent fields of PodSecurityContext. More + info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether + a process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN Note that this field cannot be set + when spec.os.name is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop when running containers. 
+ Defaults to the default set of capabilities granted by + the container runtime. Note that this field cannot be + set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes + in privileged containers are essentially equivalent to + root on the host. Defaults to false. Note that this field + cannot be set when spec.os.name is windows. + type: boolean + procMount: + description: procMount denotes the type of proc mount to + use for the containers. The default is DefaultProcMount + which uses the container runtime defaults for readonly + paths and masked paths. This requires the ProcMountType + feature flag to be enabled. Note that this field cannot + be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only root + filesystem. Default is false. Note that this field cannot + be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set when + spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a + non-root user. If true, the Kubelet will validate the + image at runtime to ensure that it does not run as UID + 0 (root) and fail to start the container if it does. If + unset or false, no such validation will be performed. + May also be set in PodSecurityContext. 
If set in both + SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata + if unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. Note + that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a + random SELinux context for each container. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set when + spec.os.name is windows. + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by this container. + If seccomp options are provided at both the pod & container + level, the container options override the pod options. + Note that this field cannot be set when spec.os.name is + windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile defined + in a file on the node should be used. The profile + must be preconfigured on the node to work. Must be + a descending path, relative to the kubelet's configured + seccomp profile location. Must only be set if type + is "Localhost". 
+ type: string + type: + description: "type indicates which kind of seccomp profile + will be applied. Valid options are: \n Localhost - + a profile defined in a file on the node should be + used. RuntimeDefault - the container runtime default + profile should be used. Unconfined - no profile should + be applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings applied to all + containers. If unspecified, the options from the PodSecurityContext + will be used. If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is + linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the GMSA admission + webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec named + by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name of the + GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container should + be run as a 'Host Process' container. This field is + alpha-level and will only be honored by components + that enable the WindowsHostProcessContainers feature + flag. Setting this field without the feature flag + will result in errors when validating the Pod. All + of a Pod's containers must have the same effective + HostProcess value (it is not allowed to have a mix + of HostProcess containers and non-HostProcess containers). In + addition, if HostProcess is true then HostNetwork + must also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run the entrypoint + of the container process. Defaults to the user specified + in image metadata if unspecified. May also be set + in PodSecurityContext. 
If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. + type: string + type: object + type: object + startupProbe: + description: 'StartupProbe indicates that the Pod has successfully + initialized. If specified, no other probes are executed until + this completes successfully. If this probe fails, the Pod + will be restarted, just as if the livenessProbe failed. This + can be used to provide different probe parameters at the beginning + of a Pod''s lifecycle, when it might take a long time to load + data or warm a cache, than during steady-state operation. + This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is a beta field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). 
+ \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. 
+ properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate a buffer + for stdin in the container runtime. If this is not set, reads + from stdin in the container will always result in EOF. Default + is false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the + stdin channel after it has been opened by a single attach. + When stdin is true the stdin stream will remain open across + multiple attach sessions. 
If stdinOnce is set to true, stdin + is opened on container start, is empty until the first client + attaches to stdin, and then remains open and accepts data + until the client disconnects, at which time stdin is closed + and remains closed until the container is restarted. If this + flag is false, a container processes that reads from stdin + will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the + container''s termination message will be written is mounted + into the container''s filesystem. Message written is intended + to be brief final status, such as an assertion failure message. + Will be truncated by the node if greater than 4096 bytes. + The total message length across all containers will be limited + to 12kb. Defaults to /dev/termination-log. Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be + populated. File will use the contents of terminationMessagePath + to populate the container status message on both success and + failure. FallbackToLogsOnError will use the last chunk of + container log output if the termination message file is empty + and the container exited with an error. The log output is + limited to 2048 bytes or 80 lines, whichever is smaller. Defaults + to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. + properties: + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. 
+ type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume + within a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other + way around. When not set, MountPropagationNone is used. + This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from which + the container's volume should be mounted. Behaves similarly + to SubPath but environment variable references $(VAR_NAME) + are expanded using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath are mutually + exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might + be configured in the container image. Cannot be updated. + type: string + required: + - name + type: object + type: array + disableCompaction: + description: Disable prometheus compaction. + type: boolean + enableAdminAPI: + description: 'Enable access to prometheus web admin API. Defaults + to the value of `false`. 
WARNING: Enabling the admin APIs enables + mutating endpoints, to delete data, shutdown Prometheus, and more. + Enabling this should be done with care and the user is advised to + add additional authentication authorization via a proxy to ensure + only clients authorized to perform these actions can do so. For + more information see https://prometheus.io/docs/prometheus/latest/querying/api/#tsdb-admin-apis' + type: boolean + enableFeatures: + description: Enable access to Prometheus disabled features. By default, + no features are enabled. Enabling disabled features is entirely + outside the scope of what the maintainers will support and by doing + so, you accept that this behaviour may break at any time without + notice. For more information see https://prometheus.io/docs/prometheus/latest/disabled_features/ + items: + type: string + type: array + enableRemoteWriteReceiver: + description: 'Enable Prometheus to be used as a receiver for the Prometheus + remote write protocol. Defaults to the value of `false`. WARNING: + This is not considered an efficient way of ingesting samples. Use + it with caution for specific low-volume use cases. It is not suitable + for replacing the ingestion via scraping and turning Prometheus + into a push-based metrics collection system. For more information + see https://prometheus.io/docs/prometheus/latest/querying/api/#remote-write-receiver + Only valid in Prometheus versions 2.33.0 and newer.' + type: boolean + enforcedBodySizeLimit: + description: 'EnforcedBodySizeLimit defines the maximum size of uncompressed + response body that will be accepted by Prometheus. Targets responding + with a body larger than this many bytes will cause the scrape to + fail. Example: 100MB. If defined, the limit will apply to all service/pod + monitors and probes. This is an experimental feature, this behaviour + could change or be removed in the future. Only valid in Prometheus + versions 2.28.0 and newer.' 
+ pattern: (^0|([0-9]*[.])?[0-9]+((K|M|G|T|E|P)i?)?B)$ + type: string + enforcedLabelLimit: + description: Per-scrape limit on number of labels that will be accepted + for a sample. If more than this number of labels are present post + metric-relabeling, the entire scrape will be treated as failed. + 0 means no limit. Only valid in Prometheus versions 2.27.0 and newer. + format: int64 + type: integer + enforcedLabelNameLengthLimit: + description: Per-scrape limit on length of labels name that will be + accepted for a sample. If a label name is longer than this number + post metric-relabeling, the entire scrape will be treated as failed. + 0 means no limit. Only valid in Prometheus versions 2.27.0 and newer. + format: int64 + type: integer + enforcedLabelValueLengthLimit: + description: Per-scrape limit on length of labels value that will + be accepted for a sample. If a label value is longer than this number + post metric-relabeling, the entire scrape will be treated as failed. + 0 means no limit. Only valid in Prometheus versions 2.27.0 and newer. + format: int64 + type: integer + enforcedNamespaceLabel: + description: "EnforcedNamespaceLabel If set, a label will be added + to \n 1. all user-metrics (created by `ServiceMonitor`, `PodMonitor` + and `Probe` objects) and 2. in all `PrometheusRule` objects (except + the ones excluded in `prometheusRulesExcludedFromEnforce`) to * + alerting & recording rules and * the metrics used in their expressions + (`expr`). \n Label name is this field's value. Label value is the + namespace of the created object (mentioned above)." + type: string + enforcedSampleLimit: + description: EnforcedSampleLimit defines global limit on number of + scraped samples that will be accepted. This overrides any SampleLimit + set per ServiceMonitor or/and PodMonitor. It is meant to be used + by admins to enforce the SampleLimit to keep overall number of samples/series + under the desired limit. 
Note that if SampleLimit is lower that + value will be taken instead. + format: int64 + type: integer + enforcedTargetLimit: + description: EnforcedTargetLimit defines a global limit on the number + of scraped targets. This overrides any TargetLimit set per ServiceMonitor + or/and PodMonitor. It is meant to be used by admins to enforce + the TargetLimit to keep the overall number of targets under the + desired limit. Note that if TargetLimit is lower, that value will + be taken instead, except if either value is zero, in which case + the non-zero value will be used. If both values are zero, no limit + is enforced. + format: int64 + type: integer + evaluationInterval: + default: 30s + description: 'Interval between consecutive evaluations. Default: `30s`' + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + excludedFromEnforcement: + description: List of references to PodMonitor, ServiceMonitor, Probe + and PrometheusRule objects to be excluded from enforcing a namespace + label of origin. Applies only if enforcedNamespaceLabel set to true. + items: + description: ObjectReference references a PodMonitor, ServiceMonitor, + Probe or PrometheusRule object. + properties: + group: + default: monitoring.coreos.com + description: Group of the referent. When not specified, it defaults + to `monitoring.coreos.com` + enum: + - monitoring.coreos.com + type: string + name: + description: Name of the referent. When not set, all resources + are matched. + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + minLength: 1 + type: string + resource: + description: Resource of the referent. 
+ enum: + - prometheusrules + - servicemonitors + - podmonitors + - probes + type: string + required: + - namespace + - resource + type: object + type: array + exemplars: + description: Exemplars related settings that are runtime reloadable. + It requires to enable the exemplar storage feature to be effective. + properties: + maxSize: + description: Maximum number of exemplars stored in memory for + all series. If not set, Prometheus uses its default value. A + value of zero or less than zero disables the storage. + format: int64 + type: integer + type: object + externalLabels: + additionalProperties: + type: string + description: The labels to add to any time series or alerts when communicating + with external systems (federation, remote storage, Alertmanager). + type: object + externalUrl: + description: The external URL the Prometheus instances will be available + under. This is necessary to generate correct URLs. This is necessary + if Prometheus is not served from root of a DNS name. + type: string + hostAliases: + description: Pods' hostAliases configuration + items: + description: HostAlias holds the mapping between IP and hostnames + that will be injected as an entry in the pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + ip: + description: IP address of the host file entry. + type: string + required: + - hostnames + - ip + type: object + type: array + x-kubernetes-list-map-keys: + - ip + x-kubernetes-list-type: map + hostNetwork: + description: Use the host's network namespace if true. Make sure to + understand the security implications if you want to enable it. When + hostNetwork is enabled, this will set dnsPolicy to ClusterFirstWithHostNet + automatically. + type: boolean + ignoreNamespaceSelectors: + description: IgnoreNamespaceSelectors if set to true will ignore NamespaceSelector + settings from all PodMonitor, ServiceMonitor and Probe objects. 
+ They will only discover endpoints within the namespace of the PodMonitor, + ServiceMonitor and Probe objects. Defaults to false. + type: boolean + image: + description: Image if specified has precedence over baseImage, tag + and sha combinations. Specifying the version is still necessary + to ensure the Prometheus Operator knows what version of Prometheus + is being configured. + type: string + imagePullPolicy: + description: Image pull policy for the 'prometheus', 'init-config-reloader' + and 'config-reloader' containers. See https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy + for more details. + enum: + - "" + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + description: An optional list of references to secrets in the same + namespace to use for pulling prometheus and alertmanager images + from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod + items: + description: LocalObjectReference contains enough information to + let you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: 'InitContainers allows adding initContainers to the pod + definition. Those can be used to e.g. fetch secrets for injection + into the Prometheus configuration from external sources. Any errors + during the execution of an initContainer will lead to a restart + of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + InitContainers described here modify an operator generated init + containers if they share the same name and modifications are done + via a strategic merge patch. The current init container name is: + `init-config-reloader`. 
Overriding init containers is entirely outside + the scope of what the maintainers will support and by doing so, + you accept that this behaviour may break at any time without notice.' + items: + description: A single application container that you want to run + within a pod. + properties: + args: + description: 'Arguments to the entrypoint. The container image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will + be unchanged. Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references + will never be expanded, regardless of whether the variable + exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. + The container image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: + i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether + the variable exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. 
+ properties: + name: + description: Name of the environment variable. Must be + a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in + the container and any service environment variables. + If a variable cannot be resolved, the reference in the + input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable exists + or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. 
+ type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be + a C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key + will take precedence. Cannot be updated. 
+ items: + description: EnvFromSource represents the source of a set + of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap must be + defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each + key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Actions that the management system should take + in response to container lifecycle events. Cannot be updated. + properties: + postStart: + description: 'PostStart is called immediately after a container + is created. 
If the handler fails, the container is terminated + and restarted according to its restart policy. Other management + of the container blocks until the hook completes. More + info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. 
TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward compatibility. + There are no validation of this field and lifecycle + hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately before a container + is terminated due to an API request or management event + such as liveness/startup probe failure, preemption, resource + contention, etc. The handler is not called if the container + crashes or exits. The Pod''s termination grace period + countdown begins before the PreStop hook is executed. + Regardless of the outcome of the handler, the container + will eventually terminate within the Pod''s termination + grace period (unless delayed by finalizers). Other management + of the container blocks until the hook completes or until + the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. 
+ items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward compatibility. + There are no validation of this field and lifecycle + hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: 'Periodic probe of container liveness. Container + will be restarted if the probe fails. Cannot be updated. 
More + info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is a beta field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. 
+ items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. 
The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + Cannot be updated. + type: string + ports: + description: List of ports to expose from the container. Not + specifying a port here DOES NOT prevent that port from being + exposed. Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Modifying this array with strategic merge patch may corrupt + the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. + Cannot be updated. + items: + description: ContainerPort represents a network port in a + single container. + properties: + containerPort: + description: Number of port to expose on the pod's IP + address. This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. 
+ type: string + hostPort: + description: Number of port to expose on the host. If + specified, this must be a valid port number, 0 < x < + 65536. If HostNetwork is specified, this must match + ContainerPort. Most containers do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod + must have a unique name. Name for the port that can + be referred to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be UDP, TCP, or SCTP. + Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: 'Periodic probe of container service readiness. + Container will be removed from service endpoints if the probe + fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is a beta field and requires enabling GRPCContainerProbe + feature gate. 
+ properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. 
+ format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resources: + description: 'Compute Resources required by this container. + Cannot be updated. 
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry + in pod.spec.resourceClaims of the Pod where this + field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + securityContext: + description: 'SecurityContext defines the security options the + container should be run with. 
If set, the fields of SecurityContext + override the equivalent fields of PodSecurityContext. More + info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether + a process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN Note that this field cannot be set + when spec.os.name is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by + the container runtime. Note that this field cannot be + set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes + in privileged containers are essentially equivalent to + root on the host. Defaults to false. Note that this field + cannot be set when spec.os.name is windows. + type: boolean + procMount: + description: procMount denotes the type of proc mount to + use for the containers. The default is DefaultProcMount + which uses the container runtime defaults for readonly + paths and masked paths. This requires the ProcMountType + feature flag to be enabled. Note that this field cannot + be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only root + filesystem. Default is false. Note that this field cannot + be set when spec.os.name is windows. 
+ type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set when + spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a + non-root user. If true, the Kubelet will validate the + image at runtime to ensure that it does not run as UID + 0 (root) and fail to start the container if it does. If + unset or false, no such validation will be performed. + May also be set in PodSecurityContext. If set in both + SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata + if unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. Note + that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a + random SELinux context for each container. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set when + spec.os.name is windows. + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. 
+ type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by this container. + If seccomp options are provided at both the pod & container + level, the container options override the pod options. + Note that this field cannot be set when spec.os.name is + windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile defined + in a file on the node should be used. The profile + must be preconfigured on the node to work. Must be + a descending path, relative to the kubelet's configured + seccomp profile location. Must only be set if type + is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp profile + will be applied. Valid options are: \n Localhost - + a profile defined in a file on the node should be + used. RuntimeDefault - the container runtime default + profile should be used. Unconfined - no profile should + be applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings applied to all + containers. If unspecified, the options from the PodSecurityContext + will be used. If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is + linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the GMSA admission + webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec named + by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name of the + GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container should + be run as a 'Host Process' container. 
This field is + alpha-level and will only be honored by components + that enable the WindowsHostProcessContainers feature + flag. Setting this field without the feature flag + will result in errors when validating the Pod. All + of a Pod's containers must have the same effective + HostProcess value (it is not allowed to have a mix + of HostProcess containers and non-HostProcess containers). In + addition, if HostProcess is true then HostNetwork + must also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run the entrypoint + of the container process. Defaults to the user specified + in image metadata if unspecified. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. + type: string + type: object + type: object + startupProbe: + description: 'StartupProbe indicates that the Pod has successfully + initialized. If specified, no other probes are executed until + this completes successfully. If this probe fails, the Pod + will be restarted, just as if the livenessProbe failed. This + can be used to provide different probe parameters at the beginning + of a Pod''s lifecycle, when it might take a long time to load + data or warm a cache, than during steady-state operation. + This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. 
+ items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is a beta field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. 
+ type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. 
spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate a buffer + for stdin in the container runtime. If this is not set, reads + from stdin in the container will always result in EOF. Default + is false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the + stdin channel after it has been opened by a single attach. + When stdin is true the stdin stream will remain open across + multiple attach sessions. If stdinOnce is set to true, stdin + is opened on container start, is empty until the first client + attaches to stdin, and then remains open and accepts data + until the client disconnects, at which time stdin is closed + and remains closed until the container is restarted. If this + flag is false, a container processes that reads from stdin + will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the + container''s termination message will be written is mounted + into the container''s filesystem. Message written is intended + to be brief final status, such as an assertion failure message. + Will be truncated by the node if greater than 4096 bytes. + The total message length across all containers will be limited + to 12kb. Defaults to /dev/termination-log. Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be + populated. File will use the contents of terminationMessagePath + to populate the container status message on both success and + failure. 
FallbackToLogsOnError will use the last chunk of + container log output if the termination message file is empty + and the container exited with an error. The log output is + limited to 2048 bytes or 80 lines, whichever is smaller. Defaults + to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. + properties: + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume + within a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other + way around. When not set, MountPropagationNone is used. + This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). 
+ type: string + subPathExpr: + description: Expanded path within the volume from which + the container's volume should be mounted. Behaves similarly + to SubPath but environment variable references $(VAR_NAME) + are expanded using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath are mutually + exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might + be configured in the container image. Cannot be updated. + type: string + required: + - name + type: object + type: array + listenLocal: + description: ListenLocal makes the Prometheus server listen on loopback, + so that it does not bind against the Pod IP. + type: boolean + logFormat: + description: Log format for Prometheus to be configured with. + enum: + - "" + - logfmt + - json + type: string + logLevel: + description: Log level for Prometheus to be configured with. + enum: + - "" + - debug + - info + - warn + - error + type: string + minReadySeconds: + description: Minimum number of seconds for which a newly created pod + should be ready without any of its container crashing for it to + be considered available. Defaults to 0 (pod will be considered available + as soon as it is ready) This is an alpha field from kubernetes 1.22 + until 1.24 which requires enabling the StatefulSetMinReadySeconds + feature gate. + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + description: Define which Nodes the Pods are scheduled on. + type: object + overrideHonorLabels: + description: When true, Prometheus resolves label conflicts by renaming + the labels in the scraped data to "exported_