From ad2ee847a9d412650d39d6b6104b31f7127dac05 Mon Sep 17 00:00:00 2001
From: Rowena <rjones@scaleway.com>
Date: Tue, 29 Apr 2025 15:24:37 +0200
Subject: [PATCH 01/13] feat(vpc): start new routing concepts

---
 pages/vpc/concepts.mdx | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/pages/vpc/concepts.mdx b/pages/vpc/concepts.mdx
index b0a593bf3f..70609c0497 100644
--- a/pages/vpc/concepts.mdx
+++ b/pages/vpc/concepts.mdx
@@ -9,7 +9,7 @@ tags: network vpc virtual-private-cloud regional private network routing
 categories:
   - network
 dates:
-  validation: 2024-12-03
+  validation: 2025-05-01
   posted: 2023-02-06
 ---
 
@@ -105,11 +105,19 @@ Routes can be of the following types:
 
 When deciding which route to apply, the route table reads the routes from most specific to least specific, in terms of destination IP range. The first matching route encountered is the one that determines the path for the traffic. Therefore, a route to destination `172.16.8.0/22` is applied before a default route to `0.0.0.0/0`.
 
+Each route in a route table has a **scope**: it may be advertised across the entire VPC, or on certain Private Networks only.
+
 ## Routing
 
-Routing allows Private Networks in the same VPC to communicate with each other, via managed and custom routes. Routing is activated by default whenever you create a new VPC, and can be activated on pre-existing VPCs by [following these steps](/vpc/how-to/manage-routing/#how-to-activate-routing).
+Routing allows resources on Private Networks witin the same VPC to communicate with each other, via managed and custom routes. Routing is activated by default whenever you create a new VPC, and can be activated on pre-existing VPCs by [following these steps](/vpc/how-to/manage-routing/#how-to-activate-routing).
+
+Each routed VPC has a [route table](#route-table) which is automatically populated with routes to each of its Private Networks. When you attach a Public Gateway to a Private Network, and tell it to advertise a default route to the internet, such routes are also added to the VPC's route table. You can also create your own [custom routes](/vpc/how-to/manage-routing/#how-to-create-a-custom-route), to route traffic towards defined destination IP ranges towards specific "next hop" resources.
 
-Each routed VPC has a [route table](#route-table) which is automatically populated with routes to each Private Network in the VPC, as well as to any attached Public Gateways. These routes allow the VPC to automatically route packets between its Private Networks, or from a given Private Network to its attached Public Gateway when the destination is outside the VPC. You can also create your own [custom routes](/vpc/how-to/manage-routing/#how-to-create-a-custom-route).
+<Message type="note">
+If you have [updated](TODO) routing behavior on your VPC, or created a VPC since TODODATE, routing takes on the following characteristics:
+- Custom routes are advertised across the entire VPC, instead of only on the Private Network of the resource designated as next hop.
+- You can optionally [enable each Private Network in the VPC to receive default route advertisements](TODO) not only from their locally attached Public Gateways, but from other Public Gateways (or default custom routes) attached to different Private Networks throughout the whole VPC. 
+</Message>
 
 Read more about how routing works in [our detailed guide](/vpc/reference-content/understanding-routing/).
 

From 8a76a51bc4a9ebf870e647b88a0d1c64643aea69 Mon Sep 17 00:00:00 2001
From: Rowena <rjones@scaleway.com>
Date: Tue, 29 Apr 2025 17:55:20 +0200
Subject: [PATCH 02/13] feat(vpc): new routing behavior

---
 pages/vpc/concepts.mdx              |  2 +-
 pages/vpc/how-to/manage-routing.mdx | 97 ++++++++++++++++++++++++++---
 2 files changed, 91 insertions(+), 8 deletions(-)

diff --git a/pages/vpc/concepts.mdx b/pages/vpc/concepts.mdx
index 70609c0497..14a62801b2 100644
--- a/pages/vpc/concepts.mdx
+++ b/pages/vpc/concepts.mdx
@@ -9,7 +9,7 @@ tags: network vpc virtual-private-cloud regional private network routing
 categories:
   - network
 dates:
-  validation: 2025-05-01
+  validation: 2025-05-02
   posted: 2023-02-06
 ---
 
diff --git a/pages/vpc/how-to/manage-routing.mdx b/pages/vpc/how-to/manage-routing.mdx
index aea7157397..a848152720 100644
--- a/pages/vpc/how-to/manage-routing.mdx
+++ b/pages/vpc/how-to/manage-routing.mdx
@@ -7,13 +7,13 @@ content:
   paragraph: Learn how to manage routing in Scaleway Virtual Private Cloud (VPC). Configure custom routes to control traffic flow and optimize network performance.
 tags: private-network vpc routing route-table routes default-route local-route subnet
 dates:
-  validation: 2024-12-03
+  validation: 2025-05-02
   posted: 2024-04-09
 categories:
   - network
 ---
 
-Routing is used to manage and control the flow of traffic within a VPC. It tells the VPC where to send traffic trying to get to a specific destination IP address. Notably, it allows traffic to be automatically routed between resources attached to different Private Networks within the VPC, using their [private IP addresses](/vpc/how-to/attach-resources-to-pn/#how-to-view-the-resources-ip-address). You can also create your own custom routes.
+Routing is used to manage and control the flow of traffic within a VPC. It tells the VPC where to send traffic trying to get to a specific destination IP address. Notably, it allows traffic to be automatically routed between resources attached to different Private Networks within the VPC, as well as along user-created custom routes.
 
 Read more about the VPC routing feature, including detailed explanations, usage considerations, limitations and best practices in our [dedicated reference content](/vpc/reference-content/understanding-routing/).
 
@@ -39,18 +39,47 @@ To activate routing on a pre-existing VPC, follow these steps:
 
     Routing is activated on the VPC.
 
+## How to update routing behavior
+
+If you created your VPC before TODODATE, you must manually update its routing behavior in order to get the following capabilities:
+
+- Advertisement of custom routes across the entire VPC as standard.
+- Option to enable each Private Network in the VPC to receive default route advertisements not only from their locally attached Public Gateways, but from other Public Gateways (or default custom routes) attached to different Private Networks throughout the whole VPC. 
+
+For more information on these new routing behaviors, see our [detailed documentation](TODO).
+
+Updating routing behavior is irreversible: once updated, you cannot revert. However, [Network ACLs](/vpc/reference-content/undestanding-nacls) are configurable via the API to let you finely control and restrict routes within your VPC as necessary.
+
+Follow the steps below to update routing behavior for a given VPC:
+
+1. Click **VPC** in the **Network** section of the [Scaleway console](https://console.scaleway.com) side menu. The list of your VPCs displays.
+
+2. Click **Update** in the **Routing** column of the VPC you want to update.
+
+    A three-step wizard displays, reiterating and reminding you of the changes to routing behavior.
+
+3. On page 1 of the wizard, read the recap of the changes to routing behavior, and click **Next**.
+
+4. On page 2 of the wizard, read the reminder of how these changes may impact your existing setup, and click **Next**.
+
+5. On page 3 of the wizard, read the explanation that updating will entail no downtime, though changes to routes may take up to 30 minutes to fully propagate. Then type **UPDATE** in the box and click **Confirm**.
+
+Your VPC's routing behavior is updated, and you are directed to its routing table. Custom routes will now be scoped to the entire VPC, and you can use the **Manage default routes** button if you want to select Private Networks to receive default routes from throughout the VPC.
+
 ## How to generate a managed route
 
-Two types of auto-generated routes exist:
+Two types of auto-generated routes exist for VPCs:
 
 - **Local subnet route**: Generated when you create a Private Network in a VPC. Allows traffic to be routed between different Private Networks in the VPC.
 - **Default route to internet**: Generated when you attach a Public Gateway to a Private Network in the VPC, and set it to advertise a [default route](/public-gateways/concepts/#default-route). Allows traffic to be routed to addresses outside the VPC (i.e. the public internet) via the gateway. 
 
 <Message type="note">
-Public Gateways remain scoped to the Private Network(s) to which they are attached. They do not advertise the default route on other Private Networks in the VPC. For example, an Instance attached to Private Network A will not be able to access the internet via a Public Gateway in Private Network B.
+By default, Public Gateways remain scoped to the Private Network(s) to which they are attached. They do not, as standard, advertise the default route on other Private Networks in the VPC. 
+
+However, each Private Network can opt in to receive default route advertisements from across the entire VPC, rather than only from locally attached gateways. This allows them to find a route to the internet even if there is no Public Gateway or default custom route on their own Private Network. See our [dedicated documentation](TODO) for full details. 
 </Message>
 
-You cannot edit or delete managed routes, as their lifecycle is fully managed by Scaleway. The route will be automatically deleted for you when you delete the Private Network or Public Gateway that it concerns.
+You cannot delete managed routes, as their lifecycle is fully managed by Scaleway. The route will be automatically deleted for you when you delete the Private Network or Public Gateway that it concerns.
 
 ## How to access and read the route table
 
@@ -74,7 +103,53 @@ Your VPC's **route table** can be found in its **Routing** tab. The route table
 
     For help with understanding the route table and how to read it, [refer to our documentation about route tables](/vpc/reference-content/understanding-routing/#route-table).
 
-### How to view VPC routes in IPV6 
+## How to manage default route scope
+
+If your VPC is using [up-to-date routing behavior](#how-to-update-routing-behavior), you can enable each Private Network to receive default route advertisements not only from their locally attached Public Gateways, but also from throughout the VPC.
+
+This means that the Private Network will receive route advertisements from:
+- All locally attached Public Gateway advertising a default route
+- All Public Gateways attached to other Private Networks in the VPC advertising default routes
+- All custom routes with a destination of `0.0.0.0/0`.
+
+Each Private Network must individually opt in to receive all these default routes. This can be done when creating a Private Network, or later, from each Private Network's **Settings** tab, or from the VPC's **Routing** tab.
+
+<Tabs id="pn-settings">
+        <TabsTab label="via Private Network Settings">
+          <br />
+            1. Click **VPC** in the **Network** section of the Scaleway console side menu. A list of your VPCs displays.
+
+            2. Click the VPC containing the Private Network whose settings you want to update. A list of Private Networks in this VPC displays.
+
+            3. Click the Private Network whose settings you want to update, then click the **Settings** tab.
+
+            4. In the **Receive all default routes** panel, slide the toggle <Icon name="toggle" /> to the **on** position.
+
+            This Private Network will now receive default route advertisements from throughout the VPC. It may take up to 30 minutes for routes to propagate to all resources. You can toggle this behavior off at any time.
+
+        </TabsTab>
+        <TabsTab label="via VPC Routing Tab">
+          <br />
+            1. Click **VPC** in the **Network** section of the Scaleway console side menu. A list of your VPCs displays.
+
+            2. Click the VPC who default route management you want to update, then click the **Routing** tab.
+
+            3. Click the **Manage default routes** button.
+
+                A screen displays, showing a list of all the Private Networks in your VPC. 
+                
+                The **Local default route** column shows whether or not a default route is already advertised locally in the Private Network via an attached Public Gateway or custom route.
+            
+            4. Click the checkbox next to each Private Network that you want to receive all default routes from throughout the VPC.
+
+            5. Click **Apply scope** when finished.
+
+            The selected Private Networks will now receive default route advertisements from throughout the VPC. It may take up to 30 minutes for routes to propagate to all resources. You can change default route scope settings at any time.
+
+        </TabsTab>
+    </Tabs>
+
+### How to view VPC routes in IPv6 
 
 Scaleway VPC routing supports both IPv4 and IPv6 protocols. Managed routes to Private Networks are simultaneously generated for both IPV4 and IPV6, and both are added to the route table. Use the toggle above the route table to switch from the default view of **IPV4** routes to a view of **IPV6** routes.
 
@@ -87,7 +162,9 @@ Each VPC has auto-generated, managed routes to local subnets and Public Gateways
 For example, you may wish to route all traffic for a certain private IP range to an Instance hosting a manually configured VPN tunnel, allowing secure connection to a corresponding subnet at the other end of the tunnel.
 
     <Message type="note">
-    Custom routes are scoped to the Private Network(s) of the "next hop" resource. Their routes are not propagated to other Private Networks in the VPC. In the scenario mentioned above of routing traffic towards a VPN tunnel, the origin of the packet must be in the same Private Network as the resource hosting the VPN.
+    The scope of custom routes depends on whether your VPC is using up-to-date routing behavior:
+    - If you created your VPC after TODODATE, or have [manually updated its routing behavior](#how-to-update-routing-behavior), custom routes are advertised across the entire VPC.
+    - Otherwise, custom routes are scoped only to the Private Network(s) of the "next hop" resource and not advertised to other Private Networks in the VPC. In this case, for the scenario mentioned above of routing traffic towards a VPN tunnel, the origin of the packet must be in the same Private Network as the resource hosting the VPN.
     </Message>
 
 Follow the steps below to define a custom route:
@@ -108,6 +185,12 @@ Follow the steps below to define a custom route:
 
 7. Enter a **destination** for the route. The VPC will apply the route to all traffic with a matching destination IP. You must enter an IPv4 or IPv6 CIDR range with a subnet mask, e.g. `192.168.1.0/24`. For a single IP address, use the `/32` mask for IPv4.
 
+    <Message type="note">
+    If your VPC has [up-to-date routing behavior](#how-to-update-routing-behavior) and you enter a destination of `0.0.0.0/0`, this custom route is treated in the same way as a **default route** advertised by a Public Gateway.
+    - Its route will be advertised locally on the 'next hop' resource's Private Network.
+    - Other Private Networks who have opted in to receive default routes from throughout the VPC will also receive this route.
+    </Message>
+
 8. Enter a **next hop** for the route. The VPC will route traffic for the destination IP to the resource designated as next hop.
     - Select the Private Network which the next hop resource is attached to.
     - Select a resource type: **Instance**, **Public Gateway** or **Elastic Metal**. Routing is not yet compatible with Managed Databases, nor with other types of Scaleway resources which are not integrated with VPC. 

From 0dbebddf7551909e9cf0f0ba9cbfddb922c2ffcc Mon Sep 17 00:00:00 2001
From: Rowena <rjones@scaleway.com>
Date: Mon, 5 May 2025 11:31:07 +0200
Subject: [PATCH 03/13] fix(vpc): continue routing modifs

---
 pages/vpc/how-to/manage-routing.mdx           | 30 +++----
 .../understanding-routing.mdx                 | 90 ++++++++++++++++---
 2 files changed, 95 insertions(+), 25 deletions(-)

diff --git a/pages/vpc/how-to/manage-routing.mdx b/pages/vpc/how-to/manage-routing.mdx
index a848152720..fac85ae0f2 100644
--- a/pages/vpc/how-to/manage-routing.mdx
+++ b/pages/vpc/how-to/manage-routing.mdx
@@ -66,21 +66,6 @@ Follow the steps below to update routing behavior for a given VPC:
 
 Your VPC's routing behavior is updated, and you are directed to its routing table. Custom routes will now be scoped to the entire VPC, and you can use the **Manage default routes** button if you want to select Private Networks to receive default routes from throughout the VPC.
 
-## How to generate a managed route
-
-Two types of auto-generated routes exist for VPCs:
-
-- **Local subnet route**: Generated when you create a Private Network in a VPC. Allows traffic to be routed between different Private Networks in the VPC.
-- **Default route to internet**: Generated when you attach a Public Gateway to a Private Network in the VPC, and set it to advertise a [default route](/public-gateways/concepts/#default-route). Allows traffic to be routed to addresses outside the VPC (i.e. the public internet) via the gateway. 
-
-<Message type="note">
-By default, Public Gateways remain scoped to the Private Network(s) to which they are attached. They do not, as standard, advertise the default route on other Private Networks in the VPC. 
-
-However, each Private Network can opt in to receive default route advertisements from across the entire VPC, rather than only from locally attached gateways. This allows them to find a route to the internet even if there is no Public Gateway or default custom route on their own Private Network. See our [dedicated documentation](TODO) for full details. 
-</Message>
-
-You cannot delete managed routes, as their lifecycle is fully managed by Scaleway. The route will be automatically deleted for you when you delete the Private Network or Public Gateway that it concerns.
-
 ## How to access and read the route table
 
 Your VPC's **route table** can be found in its **Routing** tab. The route table shows all the existing routes for the VPC.
@@ -103,6 +88,21 @@ Your VPC's **route table** can be found in its **Routing** tab. The route table
 
     For help with understanding the route table and how to read it, [refer to our documentation about route tables](/vpc/reference-content/understanding-routing/#route-table).
 
+## How to generate a managed route
+
+Two types of auto-generated routes exist for VPCs:
+
+- **Local subnet route**: Generated when you create a Private Network in a VPC. Allows traffic to be routed between different Private Networks in the VPC.
+- **Default route to internet**: Generated when you attach a Public Gateway to a Private Network in the VPC, and set it to advertise a [default route](/public-gateways/concepts/#default-route). Allows traffic to be routed to addresses outside the VPC (i.e. the public internet) via the gateway. 
+
+<Message type="note">
+By default, Public Gateways remain scoped to the Private Network(s) to which they are attached. They do not, as standard, advertise the default route on other Private Networks in the VPC. 
+
+However, each Private Network can opt in to receive default route advertisements from across the entire VPC, rather than only from locally attached gateways. This allows them to find a route to the internet even if there is no Public Gateway or default custom route on their own Private Network. See our [dedicated documentation](TODO) for full details. 
+</Message>
+
+You cannot delete managed routes, as their lifecycle is fully managed by Scaleway. The route will be automatically deleted for you when you delete the Private Network or Public Gateway that it concerns.
+
 ## How to manage default route scope
 
 If your VPC is using [up-to-date routing behavior](#how-to-update-routing-behavior), you can enable each Private Network to receive default route advertisements not only from their locally attached Public Gateways, but also from throughout the VPC.
diff --git a/pages/vpc/reference-content/understanding-routing.mdx b/pages/vpc/reference-content/understanding-routing.mdx
index 2f7a4bd8b1..183cac3811 100644
--- a/pages/vpc/reference-content/understanding-routing.mdx
+++ b/pages/vpc/reference-content/understanding-routing.mdx
@@ -7,7 +7,7 @@ content:
   paragraph: Explore the fundamentals of VPC routing with Scaleway. Understand how to manage traffic flow and optimize network routes within your Virtual Private Cloud
 tags: vpc routing route-table private-network managed-route automatic-route local-subnet-route default-route
 dates:
-  validation: 2024-12-03
+  validation: 2025-05-02
   posted: 2024-05-28
 categories:
   - network
@@ -19,11 +19,11 @@ VPC routing allows resources and Private Networks in the same VPC to communicate
 
 When you create a Private Network, a managed route is automatically created and added to the VPC’s route table. This route allows the VPC to automatically route packets to resources attached to that Private Network, even if they originate from a resource attached to a different Private Network on the VPC.
 
-Managed routes are also automatically added to the VPC’s routing table when you attach a Public Gateway to a Private Network, and tell it to advertise the default route. This type of managed route allows traffic on the given Private Network to be forwarded to addresses outside the VPC (i.e. the public internet) via the Public Gateway.
+Managed routes are also automatically added to the VPC’s routing table when you attach a Public Gateway to a Private Network, and tell it to advertise the default route. This type of managed route allows traffic to be forwarded to addresses outside the VPC (i.e. the public internet) via the Public Gateway.
 
 You can create your own custom routes to send traffic for defined IP ranges towards a specified resource in the VPC, for example if you want to route to a VPN installed on an Instance.
 
-Routing is activated by default whenever you create a new VPC, and can be activated on pre-existing VPCs by [following these steps](/vpc/how-to/manage-routing/#how-to-activate-routing). More routing features are planned for the future, such as ACLs and firewalling.
+Routing is activated by default whenever you create a new VPC, and can be activated on pre-existing VPCs by [following these steps](/vpc/how-to/manage-routing/#how-to-activate-routing). Network ACLs, to finely control and filter VPC traffic, are available [via the API](/vpc/reference-content/understanding-nacls) (currently in Public Beta).
 
 The diagram below shows an example of how routing works across two Private Networks on a VPC. The route table is held on the VPC's virtual router ([VRouter](/vpc/concepts/#vrouter)), and synched to each resource as it joins a Private Network. 
 - An Elastic Metal server on Private Network A can send a packet to the public internet via a Public Gateway also attached to Private Network A.
@@ -44,10 +44,7 @@ Every VPC has an associated **route table**, used to manage and control the rout
     - For custom routes, the next hop is a defined resource on a defined Private Network.
     - If the destination IP is not known on the VPC (represented by the `0.0.0.0/0` address), its next hop will be a Public Gateway so that it can reach the public internet (as long as a Public Gateway set to advertise the default route has been attached to the Private Network).
 - A **description**. This helps to describe the type of route, e.g. `Local subnet route` for routes to Private Networks, or `Default route to internet` for routes to Public Gateways, or a user-defined description for custom routes.
-
-<Message type="important">
-Public Gateways remain scoped to the Private Network(s) to which they are attached. They do not advertise the default route on other Private Networks in the VPC. For example, an Instance attached to Private Network A will not be able to access the internet via a Public Gateway in Private Network B.
-</Message>
+- A **scope**. This shows whether teh route is advertised across the entire VPC, or (in the case of default routes), only certain Private Networks.
 
 When deciding which route to apply, the route table reads the routes from most specific to least specific, in terms of destination IP range. The first matching route encountered is the one that determines the path for the traffic. Therefore, a route to destination `172.16.8.0/22` is applied before a default route to `0.0.0.0/0`.
 
@@ -61,9 +58,8 @@ Bear in mind the following when activating VPC routing:
 
 - Once activated on a given VPC, routing cannot be deactivated on that VPC.
 - When routing is activated, all Private Networks on the VPC can communicate.
-- We do not currently offer an ACL/firewall feature to prevent communication between certain Private Networks/resources once routing is activated. However, users may choose to configure ACLs directly on certain resources (e.g. Instances, Elastic Metal servers) using tools such as `iptables` or `nftables`.
-- Public Gateways remain scoped to the Private Network to which they are attached. They do not advertise the default route on other Private Networks in the VPC. For example, an Instance attached to Private Network A will not be able to access the internet via a Public Gateway in Private Network B.
-- Custom routes are scoped to the Private Network(s) of the "next hop" resource. Their routes are not propagated to other Private Networks in the VPC. For example, in the scenario of using a custom route to route traffic towards a VPN tunnel, the origin of the packet must be in the same Private Network as the resource hosting the VPN.
+- Network ACLs, to finely control and filter traffic within a VPC, are in Public Beta and currently available via the [VPC API](/vpc/reference-content/understanding-nacls/) only. Alternatively, users may choose to configure NACLs directly on certain resources (e.g. Instances, Elastic Metal servers) using tools such as `iptables` or `nftables`.
+- The scope of route advertisements for custom routes and default routes to Public Gateways depends on when you created your VPC, and/or whether you have updated its routing behavior to the most recent version. [Read the full documentation below](TODO) for details.
 
 ## Best practices
 
@@ -77,6 +73,80 @@ We recommend that you build your VPC infrastructure with **separation of concern
 
 For example, you may use one Private Network for frontend resources and another for backend resources, limiting public access only via Load Balancers and/or Public Gateways.
 
+## Updating routing behavior
+
+From TODO DATE, new routing behavior is available for VPCs.
+
+- This routing behavior will be applied automatically to VPCs created after TODO DATE, or where routing is only activated after this date. 
+- Pre-existing VPCs must be [updated](TODO) to accept this new behavior
+
+|  | Old behavior | New behavior |
+|---|---|---|
+| Custom routes | Custom route advertisements are scoped only to the Private Network(s) to which the “next hop” resource is directly attached. | Custom route advertisements are scoped to the entire Private Network as standard. |
+| Default routes | Public Gateways' default route advertisements are scoped only to the Private Network(s) to which the gateway is attached.<br/><br/>Private Networks cannot receive default route advertisements from Public Gateways they are not directly attached to. | Standard behavior remains unchanged, but now each Private Network can opt in to receive default route advertisements from across the entire VPC. |
+
+### Custom routes
+
+Previously, custom routes were scoped only to the Private Network(s) of the “next hop” resource. Their routes were not propagated to other Private Networks in the VPC. For example, in the scenario of using a custom route to route traffic towards a VPN tunnel, the origin of the packet had be in the same Private Network as the resource hosting the VPN.
+
+With new routing behavior, custom routes are scoped to the entire VPC as standard. All Private Networks in the VPC receive route advertisements for all custom routes. This gives enhanced flexibility when using custom routes to route traffic towards VPN tunnels.
+
+You can configure [Network ACLs](/vpc/reference-content/understanding-acls) via the VPC API if you want to restrict traffic flow along custom routes. 
+
+<Message type="note">
+If you create a custom route with a destination of `0.0.0.0/0`, this custom route is treated in the same way as a **default route** advertised by a Public Gateway:
+- Its route will be advertised locally on the 'next hop' resource's Private Network.
+- Other Private Networks who have opted in to receive default routes from throughout the VPC will also receive this route.
+</Message>
+
+### Default routes
+
+Previously, Public Gateways could only advertise their default routes to the Private Networks to which they were directly attached. Resources on other Private Networks within the VPC could not access the public internet via these remote Public Gateways.
+
+With new routing behavior, this standard behavior remains unchanged. Default routes' scope is still, by default, limited to their directly attached Private Networks.
+
+However, you now have an additional option to enable each Private Network to receive advertisements of **all** default routes throughout the entire VPC. This includes routes towards all Public Gateways advertising a default route, as well as any custom-created default routes. This allows resources on other Private Networks to find access to the public internet, even if they do not have their own attached gateway.
+
+<Message type="note">
+The option to receive all default route advertisements must be enabled on a per-Private-Network basis. 
+
+This means that each Private Network in a VPC can opt to either receive **only** default routes from directly attached Public Gateways (and local custom default routes, if they exist), or **all** default routes being advertised throughout the whole VPC.
+
+If you wish to exercise more granular control over default route advertisements, we recommend that you configure [Network ACLs](/vpc/reference-content/understanding-acls) via the VPC API.
+</Message>
+
+TODO: add explanation about what happens when you're receiving multiple default route announcements?
+
+See the [documentation](TODO) on how to manage default route scope for a given Private Network, once you have [updated](TODO) to new routing behavior.
+
+### Impact on existing setup
+
+When you update to new routing behavior, the only automatic change is that your custom routes (if any) will now be advertised across the whole VPC.
+
+Your Private Networks will continue to receive only their local default route announcements, **unless** you enable `Receive all default route announcements` in each Private Network's settings. Therefore, there is no risk of the scope of default route announcements automatically changing without your specific intervention, even after updating to new routing behavior.
+
+Your existing setup may be impacted by the new behavior if you want your custom routes to be scoped only to the next-hop resource's Private Network. In this case we recommend that you use [Network ACL rules](/vpc/reference-content/understanding-acls) via the VPC API to limit access to the custom route.
+
+### Example use of NACLs to mitigate impact
+
+Imagine the following scenario:
+
+Your VPN has three Private Networks using the following CIDR blocks: 
+  - `backend-net`: `10.0.0.0/24`
+  - `frontend-net` `10.0.1.0/24`
+  - `monitoring-net`: `10.0.2.0/24`
+
+There is a custom route configured in your VPC, that routes all source traffic destined for `192.168.100.0/24` to the Instance `vpn-gateway-host` as next hop. This Instance hosts a VPN gateway, and is attached only to Private Network `monitoring-net`, with the private IP address `10.0.2.42/32`.
+
+You want to prevent resources attached to `backend-net` and `frontend-net` from sending traffic to this VPN gateway, under new routing behavior where custom routes are advertised throughout the VPC. You want only resources attached to `monitoring-net` to be able to send traffic to the VPN gateway.
+
+You could create two NACL rules to **Deny** traffic first from `10.0.0.0/24` (`backend-net`) and then from `10.0.0.1/24` (`frontend-net`) towards destination `10.0.2.42/32` (`vpn-gateway-host`). When combined with a default NACL rule to **Allow** all other traffic, this would effectively block resources on `backend-net`.
+
+Alternatively, and aligned with best practice, when the default NACL rule **Denies** all traffic not matched to a specifc rule, `backend-net` and `frontend-net` will already be blocked from sending traffic to `vpn-gateway-host` on `monitoring-net`. Since NACLs do not filter traffic between resources attached to the same Private Network, other resources on `monitoring-net` would still be able to successfully route traffic to `vpn-gateway-host`. 
+
+TODO CHECK THIS example
+-Would it be better to modify the custom route?
+
 ## Limitations
 
 - Managed Databases are not currently compatible with routing. The VPC cannot automatically route between Managed Databases on different Private Networks, or (for example) between a Managed Database on one Private Network and an Instance on a different Private Network.

From 9ed663ae3def657cdc129d03d14a99de3b7bb502 Mon Sep 17 00:00:00 2001
From: Rowena <rjones@scaleway.com>
Date: Tue, 6 May 2025 17:43:27 +0200
Subject: [PATCH 04/13] fix(vpc,pgw): update routing doc

---
 pages/public-gateways/concepts.mdx            |  10 ++++---
 pages/public-gateways/faq.mdx                 |   6 ++---
 .../how-to/configure-a-public-gateway.mdx     |  16 +++++++++--
 .../how-to/use-ssh-bastion.mdx                |   6 ++++-
 pages/public-gateways/quickstart.mdx          |   4 +--
 ...nt-connect-to-instance-with-pn-gateway.mdx |  25 +++++++++++++-----
 .../assets/scaleway-vpc-new-routing-ex.webp   | Bin 0 -> 74336 bytes
 .../reference-content/understanding-nacls.mdx |   2 +-
 .../understanding-routing.mdx                 |  23 +++++++++++-----
 9 files changed, 66 insertions(+), 26 deletions(-)
 create mode 100644 pages/vpc/reference-content/assets/scaleway-vpc-new-routing-ex.webp

diff --git a/pages/public-gateways/concepts.mdx b/pages/public-gateways/concepts.mdx
index cb7b669802..b0054b9b4e 100644
--- a/pages/public-gateways/concepts.mdx
+++ b/pages/public-gateways/concepts.mdx
@@ -7,7 +7,7 @@ content:
   paragraph: This page explains all the concepts related to Public Gateways
 tags: network availability-zone dns flexible-ip nat private-ip ssh-bastion egress ipam legacy ipam_config
 dates:
-  validation: 2024-11-05
+  validation: 2025-05-05
 categories:
   - network
 ---
@@ -22,12 +22,14 @@ Allowed IPs is a feature of [SSH bastion](#ssh-bastion). It allows you to specif
 
 ## Default route
 
-The Public Gateway can advertise a default route to resources on an attached Private Network, which takes effect when the IP destination address for a packet is not known on the network itself. In effect, resources in a Private Network will know to route packets through the Public Gateway if the destination IP address is not a host on the Private Network itself.
+When you attach a Public Gateway to a Private Network, you can choose to have it advertise a default route to other attached resources. This means that when the IP destination address for a packet is not known on the Private Network or elsewhere within the VPC, the packet is routed through the Public Gateway, enabling it to find the public internet.
 
-You can choose to activate the advertisement of the default route when attaching a Private Network to a Public Gateway. The default route is propagated through DHCP.
+By default, the scope of a default route is limited to the Private Network the Public Gateway is directly attached to. However, you also have the option to enable each of your Private Networks to receive advertisements of **all** default routes throughout the entire VPC. This includes routes towards all Public Gateways advertising a default route, as well as any custom-created default routes. 
+
+If you opt to enable the reception of all default routes for a Private Network, resources on that network will be able to access the public internet via any Public Gateway in the VPC advertising a default route, even if it's not directly attached to their Private Network.
 
 <Message type="important">
-After activating the default route, all outbound and inbound traffic for resources attached to the Private Network is directed through the Public Gateway. This includes SSH traffic destined for Instances, which means you will need to [manage SSH connections differently](/public-gateways/troubleshooting/cant-connect-to-instance-with-pn-gateway/).
+The Public Gateway's default route advertisement takes priority over the default route through a resource's public interface. Outbound and inbound public traffic for resources receiving the route advertisement is therefore directed through the Public Gateway. This includes SSH traffic destined for Instances, which means you will need to [manage SSH connections differently](/public-gateways/troubleshooting/cant-connect-to-instance-with-pn-gateway/).
 </Message>
 
 ## DHCP
diff --git a/pages/public-gateways/faq.mdx b/pages/public-gateways/faq.mdx
index 2842190fce..7621a51580 100644
--- a/pages/public-gateways/faq.mdx
+++ b/pages/public-gateways/faq.mdx
@@ -5,7 +5,7 @@ meta:
 content:
   h1: Public Gateways FAQ
 dates:
-  validation: 2025-04-07
+  validation: 2025-05-05
 category: network
 productIcon: PublicGatewayProductIcon
 ---
@@ -22,8 +22,8 @@ No. A public IPv4 address (aka. flexible IP) must be assigned to the Public Gate
 
 ## Can my Instances and other resources access the internet via a Public Gateway without a public IP address?
 
-Yes. The Public Gateway can advertize itself as the [default route to the internet](/public-gateways/concepts/#default-route) over the Private Network it is attached to, so that Instances and other resources on the same Private Network, can access the internet via the gateway.
-Moreover, the Public Gateway supports [static NAT](/public-gateways/how-to/configure-a-public-gateway/#how-to-review-and-configure-nat) (aka. port forwarding), so that ingress traffic from the public internet can reach Instances on the Private Network. This works by mapping pre-defined ports of the public IP address of the gateway to specific ports and IP addresses on the Private Network.
+Yes. The Public Gateway can advertize itself as the [default route to the internet](/public-gateways/concepts/#default-route) over the Private Network it is attached to, so that Instances and other resources can access the internet via the gateway. Resources attached to other Private Networks than the gateway's network in the VPC can [opt in]() to receive its default route advertisement.
+Moreover, the Public Gateway supports [static NAT](/public-gateways/how-to/configure-a-public-gateway/#how-to-review-and-configure-nat) (aka. port forwarding), so that ingress traffic from the public internet can reach Instances on the Private Network. This works by mapping pre-defined ports of the public IP address of the gateway to specific ports and IP addresses on the VPC.
 
 ## What happened to static leases (DHCP reservations) when DHCP moved from the Public Gateway to Private Networks?
 
diff --git a/pages/public-gateways/how-to/configure-a-public-gateway.mdx b/pages/public-gateways/how-to/configure-a-public-gateway.mdx
index 9d4e67e2d6..dc49465161 100644
--- a/pages/public-gateways/how-to/configure-a-public-gateway.mdx
+++ b/pages/public-gateways/how-to/configure-a-public-gateway.mdx
@@ -7,7 +7,7 @@ content:
   paragraph: Learn how to configure a Public Gateway with the Scaleway console. Follow our step-by-step guide to set up routing, internet access, and SSH bastion for secure, scalable network connectivity.
 tags: public-gateway public gateway dhcp nat smtp
 dates:
-  validation: 2025-01-03
+  validation: 2025-05-05
   posted: 2021-05-26
 categories:
   - network
@@ -38,7 +38,7 @@ This page shows you how to attach a [Public Gateway](/public-gateways/concepts/#
       </Message>
     - If you want to create and attach a new Private Network, select **Attach to a new Private Network**. The Private Network will be created with default configuration (a [CIDR block](/vpc/concepts#cidr-block) will be automatically defined), in your default VPC for the region. A name for the Private Network will be suggested for you, but feel free to overwrite this with a new name of your choice. Dynamic NAT will be automatically activated on the Public Gateway for the Private Network.
 6. Choose whether to **auto-allocate an available IP from the pool** (the [CIDR block](/vpc/concepts/#cidr-block) defined at the time of creating the Private Network), or use a **[reserved IP address](/ipam/concepts/#reserved-ip-address)** for the attachment.
-7. Use the toggle to select whether to **Advertise the default route**. Find out more about this setting in our [concepts documentation](/public-gateways/concepts/#default-route).
+7. Use the toggle to select whether to tell the gateway whether or not it should [advertise the default route](/public-gateways/concepts/#default-route) to the internet for attached resources. When activated, other resources on this Private Network will learn the default route through the Public Gateway via DHCP. The route will also be installed in the VPC’s route table, and other Private Networks can [opt in](/vpc/how-to/manage-routing/#how-to-manage-default-route-scope) to receive it. 
 8. Click **Attach to Private Network** to finish. You are taken back to the Private Networks tab, where the network you attached now appears, along with the services configured and the IP address of the Public Gateway.
 
 Your Private Network is now attached to your Public Gateway. You can repeat the steps above to attach more Private Networks to the same Public Gateway if you wish.
@@ -71,4 +71,16 @@ By default, the SMTP ports (25, 465, 587 and 2525) on your Public Gateway are bl
 
 <Message type="important">
   See our [troubleshooting](/public-gateways/troubleshooting/cant-connect-to-instance-with-pn-gateway/) documentation if you have any problems configuring your Public Gateway.
+</Message>
+
+## How to enable or disable default route advertisement
+
+You can enable or disable [default route advertisement](/public-gateways/concepts/#default-route) at any time.
+
+1. Click **Public Gateways** in the **Network** section of the side menu.
+2. Click the Public Gateway whose default route advertisement you wish to modify, then click the **Network** tab.
+3. Use the toggle <Icon name="toggle" /> to enable or disable default route advertisement on this network.
+
+<Message type="important">
+If you disable advertisement of a default route, any other Private Networks that were [receiving this default route](/vpc/how-to/manage-routing/#how-to-manage-default-route-scope) will no longer be able to route traffic to this Public Gateway.
 </Message>
\ No newline at end of file
diff --git a/pages/public-gateways/how-to/use-ssh-bastion.mdx b/pages/public-gateways/how-to/use-ssh-bastion.mdx
index 3ddb1ba013..fe491b75a6 100644
--- a/pages/public-gateways/how-to/use-ssh-bastion.mdx
+++ b/pages/public-gateways/how-to/use-ssh-bastion.mdx
@@ -7,7 +7,7 @@ content:
   paragraph: This page explains how to use SSH bastion
 tags: ssh-bastion ssh bastion activation reimport public-gateway
 dates:
-  validation: 2024-12-10
+  validation: 2025-05-05
   posted: 2022-03-31
 categories:
   - network
@@ -17,6 +17,10 @@ SSH bastion is a server dedicated to managing connections to the infrastructure
 
 The [Allowed IPs](#how-to-configure-allowed-ips) feature lets you control which public IPs can access resources behind the bastion. 
 
+<Message type="note">
+You can also use SSH bastion to connect to resources [receiving the Public Gateway's default route advertisement](/vpc/how-to/manage-routing/#how-to-manage-default-route-scope), even if they are not attached to the same Private Network as the gateway.
+</Message>
+
 <Macro id="requirements" />
 
 - A Scaleway account logged into the [console](https://console.scaleway.com)
diff --git a/pages/public-gateways/quickstart.mdx b/pages/public-gateways/quickstart.mdx
index 9a1fa6ed34..6283da19da 100644
--- a/pages/public-gateways/quickstart.mdx
+++ b/pages/public-gateways/quickstart.mdx
@@ -7,7 +7,7 @@ content:
   paragraph: Learn how to quickly set up and configure a Public Gateway on Scaleway. Follow this step-by-step guide to manage internet access and secure your network with ease.
 tags: private-network private network public-gateway public-gateway egress 
 dates:
-  validation: 2024-12-10
+  validation: 2025-05-05
   posted: 2021-05-26
 categories:
   - network
@@ -46,7 +46,7 @@ categories:
         Only Private Networks which are in the same region as the Public Gateway are displayed in this list.
     </Message>
 6. Choose whether to **auto-allocate an available IP from the pool** (the [CIDR block](/vpc/concepts/#cidr-block) defined at the time of creating the Private Network), or use a **[reserved IP address](/ipam/concepts/#reserved-ip-address)** for the attachment.
-7. Use the toggle <Icon name="toggle" /> to tell the gateway whether or not it should [advertise the default route](/public-gateways/concepts/#default-route) to the internet for attached resources.
+7. Use the toggle <Icon name="toggle" /> to tell the gateway whether or not it should [advertise the default route](/public-gateways/concepts/#default-route) to the internet for attached resources. When activated, other resources on this Private Network will learn the default route through the Public Gateway via DHCP. The route will also be installed in the VPC’s route table, and other Private Networks can [opt in](/vpc/how-to/manage-routing/#how-to-manage-default-route-scope) to receive it. 
 8. Click **Attach to Private Network** to finish. You are taken back to the Private Networks tab, where the network you attached now appears, along with the services configured and the IP address of the Public Gateway.
 
     Your Private Network is now attached to your Public Gateway. You can repeat the steps above to attach more Private Networks to the same Public Gateway if you wish.
diff --git a/pages/public-gateways/troubleshooting/cant-connect-to-instance-with-pn-gateway.mdx b/pages/public-gateways/troubleshooting/cant-connect-to-instance-with-pn-gateway.mdx
index c145efed2f..ae370bdbf2 100644
--- a/pages/public-gateways/troubleshooting/cant-connect-to-instance-with-pn-gateway.mdx
+++ b/pages/public-gateways/troubleshooting/cant-connect-to-instance-with-pn-gateway.mdx
@@ -7,22 +7,33 @@ content:
   paragraph: This page explains how troubleshoot connection problems after attaching an Instance to a Private Network which has a Public Gateway
 tags: troubleshoot error private-network private network vpc public-gateway
 dates:
-  validation: 2024-10-21
+  validation: 2025-05-05
   posted: 2021-05-26
 categories:
   - network
 ---
 
-If you are having trouble [connecting to your Instance via SSH](/instances/how-to/connect-to-instance/), when the Instance is attached to a Private Network which also has an attached Public Gateway, read on for help and solutions.
+## Problem
 
-The action to take depends on whether:
+You are unable to successfully [connect to your Instance via SSH](/instances/how-to/connect-to-instance/), when the Instance is attached to a Private Network which is receiving a default route advertisement from a Public Gateway. You may be experiencing connection timeouts or other error messages.
 
-- The Private Network(s) attached to your Instance have [DHCP enabled](/vpc/how-to/activate-dhcp/), and 
-- Your Public Gateway is set to [advertise a default route](/public-gateways/concepts/#default-route) (true by default).
+This troubleshooting guide applies to you if:
 
-If the above two conditions are not true, there may be other factors impacting your Instance, like one of your Instances running a DHCP server. Try disconnecting and reconnecting the Instance from the Private Network. 
+- Your Instance is attached to a Private Network which has an attached Public Gateway, AND
+- The gateway is set to [advertise a default route](/public-gateways/concepts/#default-route) (true by default), AND
+- The Private Network(s) attached to your Instance have [DHCP enabled](/vpc/how-to/activate-dhcp/)
 
-If DHCP **is** activated and your Public Gateway **is** set to advertise a default route, not being able to connect to your Instance via SSH is **expected behavior**. All the traffic towards your Instance now goes through the Public Gateway. 
+It may also apply if:
+
+- Your Instance is attached to a Private Network which is set to [receive all default route advertisements](/vpc/how-to/manage-routing/#how-to-manage-default-route-scope) from the VPC, AND
+- There is a Public Gateway in the VPC which is advertising a default route, AND
+- The Private Network(s) attached to your Instance have DHCP enabled
+
+If neither of the above scenarios applies, there may be other factors impacting SSH connection to your Instance, like one of your Instances running a DHCP server. Try disconnecting and reconnecting the Instance from the Private Network. 
+
+## Solution
+
+If one of the above scenario applies, not being able to connect to your Instance via SSH is **expected behavior**. The Public Gateway's default route advertisement takes priority over the default route through a resource's public interface. All the traffic towards your Instance now goes through the Public Gateway. 
 
 To access your Instance using SSH in this scenario, the recommended solution is to use [SSH bastion](/public-gateways/how-to/use-ssh-bastion/).
 
diff --git a/pages/vpc/reference-content/assets/scaleway-vpc-new-routing-ex.webp b/pages/vpc/reference-content/assets/scaleway-vpc-new-routing-ex.webp
new file mode 100644
index 0000000000000000000000000000000000000000..fded22a2e8eb74aca4a0644c200b80c00621a4d7
GIT binary patch
literal 74336
zcmc$_Wl$we&?btzyX(PW7~I|6oxxoPcMfiYyUPHB!{F}j?#|%u4(Iajen0j`-2Htc
zI@+o;D=Ra*D>I*JRT)W1Z3=KOEeTO&O=WI*xvz6(!-+UZ4cq}~_cP8b^!#V(_{(m?
zfU)L)h;*=P=Dj5(F07}mDoyGWrOnA)=ZMu!9Yxr2M9t=fAi%Xnl|!q9I3Aj*v}$Gs
zfC_9sUK*q8$vu)eTw8VrmsxvLx{1suzNe*fk;$Yn;uw8b1_M4X!{cW}@l|KD>pw(z
zEJIZCs>R8Pg&=VfF{<)K3JWinJm#mZO*^<%zpIM}p3Wy1K;(N%64qUB_IzAA6+~q%
z8-u5&QxucTiI>;Z9sf}TeqLMxmLa7;p56N}c|p@-i_<e??n&2G)lgKI*EVRDZmz%z
zqJXwYQrFC!rsxk|(SZ&lW`4dsA<m=YM>v#B;sSM+DUadpyfF@gBm}MU@s&_iME=5O
z9-zGd4MwDn6p{)lnhXg8N(2MO0uASlcN3IR4gwj@-F1QE(E&6ewqQokJOOpd3v))+
z5UD!PyiifGyIA0+1W42~;*66_dNQaAan1x_Td`t2tiK?PPz3EE$<`^AxeDQ;_pTk3
zsFlr-XxT~d)bQp1%+IxRA~eMS=wc0hhCz<3YETn315Ng)AMLc6L9{mF^E05|flr1I
zfKjLQiNhOE;VD=k_bp1mm}i!K8elY5Y8l)CMY)}zX3B4yi_faZ23#OtG65zU8SANv
zej4~05pA$H9Z{3aNfzMxI|QmaTh@9RQud^WyOx+Npn;0mN<RnYT#jI--s`8mc8nEe
zA3+l)bTo2RV={pj>e5ULae!VsMoePc11DKa5+v5zFLhX2q_s$lzJT^d$g&jdf8vl*
z`}8TC(y)C928d(9EJpgYTtko!_F!r5CP>n#rH)jMBaQNSTo|+*b~}C2iDqhdfA4*^
zwbzz*56|t))@|q=!aAVKQK_gn_}~sJi@Q12fd~!u<CT?>vj*SFUks^c+i%YYK$bGG
z1LER1y%;)B<2!KY<neBQQipRu{wu?#>N+VIRh3@HX&{6Iv>4F@`2{%lKsdE5it8tF
zO7sS;Cj$NO{Bg`I@LCn+L~#a!!CoGS#g-`tFv!DPtR*5^lk3d%hAfdJyk<E0fuGz@
zR<4W)PPE<V=h_mY++l-5x^{#zszgGEe2BRj+W?Og$waIhy>p%jBdR0ra4`coZq=2I
zH)ile0C|El`%e{g!9KMuv7Y`-3CA~3HPxyj!L$!vlCG@)b<H5x7Nvl$uI=2y*xZ;m
zj<t1FBXxKKI};PX?p(RxS@-AH=ChoUd8&pbalo|WY5K#3fE%8uoOXy8ULC{U&ImGT
z6xtmkS%jVAS6?M7FXW%=wREzzPXAqMHW{LPll)~(A0-Q6q`#9iIKmo-56ro50dC5g
zhQMkdQ8@(4kPo=Boej#*nNq0gR`_$U%-_{g8V2UVKd3RSj4~w5iEDbH+>x}{W9s4_
zHc)m(!FXemdIx5NX`CR_u?!&W8@;M-tJe>G$nA_aE;g`;Mw(KZ%1^&ZZ*2a^XYYeb
zgaQl6T4}o2H(PJAU;Lp^8UC~lX|JdAb-C0-WgO8zqHTKx_#o^<Q&;^2dS}y$f{T`e
z!7hLyltN$yfGY<;5bXfe4*8f*&RR-iN+XhnM6j2{9U57vF+wZguoEyaRnjBY?_SGd
z+!{)vW6~pH5PFARSKoL?tcj|S740Cw7zuMs>YI2FBEMetW+)Xbj!fzK2m*$5?vHTj
z^`?2VJHiJh!g%HLP*o7fXFW_FK3NzZt4ERyN|X$W6O1kZrw73Z5)G3!aK|&%|8rl(
z@L`$?Zes8Vj2)-!2xKoDZTwwaf*Osnkn$Tv{=C(>Id334ZJ{+i<##I>BNWqoQZR5L
z+)ZThGP`wkYE>nGAi->m_#Sp-d3m|ust6dE83S#v-TIRKI_E2MWCB1Uksmj6Vc5f+
zpX?!6^%0o64r5{6*nq&WrSf@R_BQL^%_wiGjD*DoCz_P5XU!N1F9M&P9}yz|6E}PM
zK#d>_14hu?Dni^UBKi6F8`P3DUSy<jfIPM|S>V^9n0r?oL?x04XjVA&eG%xYJ(j?n
z!2;z0Wa^;mBl)4&pxOfEDe<5n8T#%)ppV4~{=&{arf<kQRe{E-IJI|`TvRGYu23n%
zI;sE(1UZ)Uc1TaH&Vw=@T6koFNwU$9g7i@FY{G!R<8?dPzNG$h#1I~ozy#hba9Xgq
zA;!U;X|GW|HW?T<cO(U};J`e6Yi{_GU15j;I~X&(=S{SbUkwpa{JctlYGm>Q;sx=<
zB5G`+ZQu}Ab%L}iv_vm?9!xld3}hDwi)=k=T^9CaJTa}~>3ZQB0<Hm2OFIa%<Z+ND
z6v1PRkDr+8_L01MdwQ;=QW+r(-gcR~;{^Cl)s2`|s8cag7(tNFLJb&8v%?2lK?I=}
zXybY19HuUdp3s}3!TrDuv$g_@h*a`oQH~T&np?$_H<~bV3?}nPfCDqe%<KFWsJLfD
zP@P$!LTj@gfn0m+xCxkRnv}^5jv?*>VUVqt6P%DeD0}^VFr@iy#ESYC(;ftnL8)zA
z`T^5U3ngL(<;r@O_5wN}dhkoxEJPHRXjq0jq?l2U>X{pfh^A$fF){&jo3%!R+#{u^
zPsL-8B##$A1dDGAmrd0{GuwJnVVqn10cCcn0_MsQ*u9Lj-$)06nb0+HOP?uRIJ4+}
zr;VUsigz4BMjvX1-oSwtCMnU7)dm+`P-;)fDN%^G^zkQCIuT2uB%HhhiDdu3*+j-+
z9qBmxTBE)kH;}4lr-)+>INo$gZPWh-jX;2q`6Ap4iON4?5fo&I;q&ke0)l`~nQy+^
zTNPRtc-a93FY-n&VNe<z!K+=uyNX9e-!bsuvxyX;`aKrlBU;@dXu$vBOIYr5hqQ-S
zrZ_8OR1?748Mc_{z#|!!7XCzQ4%O(p&_mnfi$V{lR7Qc!D^Cc-4zZ@0(U>x(fc?F;
z0zM%v9}^8lXt$>GoG2m2X1_kP*N!A<gtW$)xG*J8N<Dt`O!V}r7GTF^M<^iac0M2o
zb~_0NO{dCkt)+Pfng)!*-~7G7XBPDR^$~V>z5C;Iuz6wS7wWo7OY?))Lvov36>t++
zf6ew+wUuk(uW1WXH0-x7SNd?ecgt8|o{1grb3A&ma93aFQZyn_^6tK|T?{L$EfH5q
ze-&zCaS0<kO%Yc`$TUX+3*vq^TFjW-qr@^WtjH6J!l-y-umFidmnQplmRkFYF{1BD
zHLI`o9j}0-R(u9#+mz_lbF{DNqOPjVK2|(5mqe);Q|TwwjqvA~p6!`e(brh>M!=6l
z7D#WJs_f6U+<c2a*#o3Q_u@tKOGA1T_ul`Su~N^lyT>Be7X6up%9I4twqZ{t7<^%a
zijo9dcoF&S57nbs_<TMmIcyf?;9>{I7X$V^ip_|h@(-xNYCTF#?w9t>z%k^6)KoDa
z`_eF91a2hg{b?Hr`uP9efu5)TuWkRg2BFWp|2xC~8`1wC6d(@J3n}R3svGqA_O%QD
z82(SXFY$qsz|Ude|GIgT_rDwe&nLcQU4B0Tz8`giHaZ8>ZqF~bH<|ZY<Fq;kR(KzS
zzD;|;&puSVr8&17njc#;pWPPqJsPY?1W$4>@VU^<Ag;=_6Cq?@4gN?)YKHwK7VC$K
z`>Vc<?ZJ}y3Ip^4Tmk-%MZP5YKXi%u7WbbhU)>6wTOM5@exMonA^B76(BBP+Y`;s2
zD(2!DOz-gXaX~HuVqW(n&+wzQGDK99Idjv&Jjb$<bm}EwHdkxhlOP&vQPx*c(afjj
zV^)oEvO)?|W!=&T0XJn2)vi7{K)%@57+$W)+^!Bmjz4R<_~v)m1#hyZ-C+z4V3pOU
z2L;a-xzx-PA1`kLPe2LUml6AIR@m$)x9q8ERW5ArIghbf!p|#(d5diKTgEzyO&{&!
z*W@KSxtLk5%9&M%c|)g~2jG3qT(Yn4GOvC10nhqD*_C*K8-jZC!jJTn!Pd!{elc0!
zp4peYxed_u4T(?NX;*wAX$ub}R*a*0*;R6R-;9?Iitk&k+nC0`kq+8sS+Ma9wZ)GC
zAXV!FM!*&OBrYJFIf+wIajThN<ACs)T9F6|!nv8;+D=MOQ9PzNkvWN@#lNn)(3$&^
zlO5U8D^YHN{9YdtIwRQ0=bSGsSv8IO@sk&;8JuXUW>~1TR|woqxJraS7EZVjReTu4
zrpklTJS8}!AAWz;ncey(hUXCH_hiomjC99ejx7GllN?M9i^e%}z%QIU7C4&Pk(nfS
zGh=N^CGj@A>8=$vTFhlbl#6Wu7)~EWd0G-CAG>H9ByZwjfk_Igq))B>OHnN<>S!%~
zmz1kdRbee=^UCQN+4j0)=rPyL>&3$Mt%<u$H>Cv$t#NE2+nkSHC}K<$C!>dw-0udx
zPxJmN_z@VdO;gTz3JBB~g5UljNl7naJU6KzG%y)<{MDznT6sdFI=^UIX$~wzTV66b
zmu(E`ytq53RQpbnu_mLPSIVFwy7f2)24J=eTW8k9jlc=nT1F?K32A7J`DtAOMF!W2
zxpU!+wguE^4oJ>^9Wo&LotQ05`X*qph`C`;d<nbj`oc<cUa$Fk#D4erw$)AjO4D$|
z-Y|dqaRt{objB~){|`KO63M{aY9!H<spEuE^Y{iT{#K-%25x|~WR=9`l9w%i%A>66
zQJPoWJJe|tb2M>?FG4Sq2)txb!y*?r_$DV_Hz#Z@;2tc?k=%ZDgXkW=d*XYuKp?Zu
zW2@z^E)T16SLS%#($Wu0=6~9?v8`1u0xy^BB8S_VcI1&Y<}WYPnm!xi_JOUPeF}{t
zcB0T57Jft@W0c?;swwu<dSPn1Mh<&?m7&pQ^$&|#{T?@G+mm$fXiUDJOK+i@HA}v-
z9NcMRMrE#xNY3qy*Ny%B6>9IP#mbt|DYy1@=D}~<W8=Ecv5saD>$#o_$X%j`g7FZy
zJ<6JR!_gEEivbbq^Bc(+EJtXfw91LS_5(b7P2cRYj5Ek^O)3evxe~GECBs)E5C<->
zHA@<jWz)RzY-QlWq9Na_j0!^FBqK;F-H0ghi?t%w1+%O(f>kjp?3wVfSXqa|@UJyb
zmOqKe#hI6)TO@QL9E-t(sKjXt5)*FoCAYZYPZpP)d)9Qn6*lsv!Ew9Hm6azYi@v$o
zwi+=74jms}%4leed*~Gub{I=!f=8yA=qSA1VVmL?RI_+zM&zwZRX^|)F&MlsvtKTT
zSOsW@^#k`u8hOLHEzwXy7Jq+V%d-ua)IfKo(-_K0y-=qbqVg+xJn~hZ#}g1tDP@H}
z4R@MZBWgrBvOhf#)fO%(AJGrLV_F@((Mb<h77bxrYAdr_Za*d+YJujPnm0>ZSkcWn
zP6(vFY&M_?;ykX7Y1}Mj@gmm}6~`nvUqpOJXlHFl5wvQJ6+2HFQ&8cl{ey3Uzp{DF
zi+ZnHl~m|VZ%K>Whw-~{z`GQ`ZNVmoynF;qpK<mx8~oMGGkk1)t!R;#<y)h2plDFI
zTYO{4j;fK<FE=7*`;u>F3Rs!5xuZO|3B|bobSsif*c7A|s02#YA&yCB6G0K+KUkEe
zAyJ)?D+N=R&Vy0oWg@!q?t3{{59S;vNhT@dsQg(<xy{(OZ}~IJ56aw>PofN+{s;^>
ziX3z{9r@LU%eG)uE#apHy@~z<cZs;n14r7<-{^`G?cLYFdQW{hEumyM?D79`b2RVJ
z7#k_K%Dr=9v5_%Jo#)UB6F1G7*X`e#H|an=1=#^PA#>)|X<s8^6QF*w*^mTwceA!i
z_f-6rS7lV|zVdyzdxtJ?q58Dw<Tj8w&>!*fPB$}E+XFOJ*{eVT6`6K9Nzmd#3WOkP
zg68`+bX$nEE$^B{xHf|>=L#b7)0L~Hdh-ItCA^Ez3PNt~rcxi923|ruHt6d$9O;d4
z4_*5>$Xn!R@y|edF~;M<QmT7y)Cp`CXAc*Xb#aH91rqY+$3i<@;dzkk2rQ2Y81k-@
zxaDr6-n{L~<3uvs&Y?aVtjlrBY3aDHH+fD!>8|6%kzMvOFlv!R64}@0AMltsGkhBw
zYVsalBNtt#RR@@`4<=e0L1XJ0GI;+@ke<b=a1%sGpq<66Fc*wUIG#bT2o>a|EY3MT
z+J2Ejj*5BTNNYGQ8mQGhEo4&79E8I>1Vk_Dk}4$JLfKYji`VL2h+#&~1o3>Zic~JW
zSw)ylrO19etr)WDMfEGHb}lpaEWxUv653Cg8iJz2U>h2?nMHLg(oYSMsk3pZ9}BA+
zP$VR*&=49(nCcU&BgpL6RYj09Rj*w7n2~%PTV&Ow@2j;{Ci~QVktV4~5h_aPa^dIg
zTMov$oge1*E@ae{14>hVAmxXjiXc2xF27i>zzo~mpqdw5*;3P;ibQ?;ySKzdra2Cz
zr6f+!pWJF3$-_2n{0#p-=VeXh^!xqrB}`imTo~`96p*<ox`WF<=u(@i-t)&y>oo{{
zxa<N0F@mqtPdM#*BvrRZOd}6QgW13&P~A80zRl`~ZeT2bttk2K+#CW{5rZB)b0HOU
ze%5kGlZmjlZXn(YKK3r5e;MRom@r{m2P`=TVcQ)Z8aa!<A%nlD@UM9#BhxgE%1uQ_
z=McnsW6!i0bqdm?+gyVTDArCtimj|+IuY#UwOG9IRf1jH2Ou&$Q>5mrda;>mdv?}e
z78A>lI(nLsPq|W6jm|2#NaG`=vDL3gb6Dq6i!ro)Lcr=*k;ZUyP$vK0`WA+&F^2Z6
zDUgSQfG;t6s^{_LdQpDlHPepY{CfJ4!0S36HR)pSz!AbXA|$$MG9Y9zjU25ZVMw`x
zH`?V6xcD&CD4-zn9C@40!)c*ztLDnS!Zs6mm8kbQhC9At(@`Yg%cHHWHN+B%<=kE*
zI8*qHM>M-D7>;-Jddl>jrkp<<Cr$W^&E&AK4Nr)m?2Sdp_aUs-x%0y%49E@uD!k-P
zD6Q65QWCwK@`0@Ng%L%@!|2u=SSgLn5Y~Z-zSvtwBJ7u|HSxT3K9Tp-v!}sQuo_N#
zm<8fGGD7#HGO`DY?ok;qO5FUm9<(#sI?Zd$V#|pCG0_nt09Q_ds*Kt&6>edv(UA7d
zc5Z0u;8G(aI*aK^Wd(&ug)!M#Ohh;f9ikU@&31Bn=by#EkhqE?E^yaB7$sB)H1(^A
zP^mA4^;#a$M}GL1##`X&RC&v)#OdXfyo^=?+uopPM!V*fE25`ZjJ^ac`iDF5`4#NM
zUBcldi{u%Wy#bT+%H*idS}~`Ko<w>aSeU@Z)Wi4i-8Zmg6pGi2$L%BR#3!|-Ht+=A
zATfVnnKy-&lI)w?*8{K<-G5J1566a0yZnb=H*Nf!-=sj@kVva6zRoYq4Q8!+C&SZ-
zr!3X=>Uj=aKAvXRU0&p#t@fUIuK>?&rmUQ0iVhDDNFTPBuN`&Q9BO(!s3i7=D%Q{o
zAV{^I%@4M$FyZ1lh^sXZdASs0*L0Vk54@h#b^J6U^jGptVRyXSeNuVmc2m6e$I}d4
z#_W*QF;KXM3DQFA7`fJjtEnTp`nZGJ^4R5wQQ9I^d)a3)WOo-}S{Fz5`$xj^&;JLE
zz^nz5>cp|eKUk&f*P66}aVWV!>VIxfH49-{BltF0*ETX8us=K@``+lJ<+ez6KX`22
zf|hCak7M#tC^Bo_irfdB{-M4s3t9Ro@%F5<3)X-0%f!pn3G_gBDH}RmgsPbd3!iA{
z+LxSYK(M#y)k4`)ecqjF5D=>hq7EkPE!6RmKj#Y2TuP>KSK;YH%)FKjSso=gW$SyB
zNZ9cTS=KM`)E({p&@k8F7|?%_(eiLJXg0C0@NBmroG;lQuv+s`W%K`yd>8j9RxQQ_
zI#zq+pzTG3b1X)zk+RSoMaJ1VfMRa<z9zxsFE737eYp$y9wnt96eTt3*LLs##k|*1
z?*qS8iC81*N&1+;sTq<s+d<s-X6St*d<<E{u{m8q=&c3Y+jjZr&^<FJ-z^X(At9gh
z_=+;wJ>K+h8?98Nk+Vk1Q$>@qFUxHoI%t`^BXWm{{*J%z&5<Cl!*DgPLw9CY%GBS8
ze<%0|ek=N#6Asl{jJ;$78zt+eA<;y4J(P1L3n^WnE4d5U^Nv6D!?#5tdF?cBZI7wI
zBCL@77AbCoCT-4Bm}GH#r}X#KHU?1OSano@n^YF2hQ_ma)-!e0$VS8yv-eH8O1u=A
zzB<xzn-AsCZQ9!s1k%B^{q^cR)llUh@i}O7NBE~Yq61-90OM<r>*W(-oGq6L$kiox
zM{OrUbIU=<xDQ(ejvOz&uG%)IQDS2|3L_E=2ZQvj5~@e0@CIQGyIw)dcrhhObPjR#
zd+s=SZ%>2^XHC!jd3t`RI9F|UPQCEAvzsfisJ@^=!@L1W&qfITAK#n>Q@(XHRu+4k
zZJXPB^7QhZjMkrLcTwA9<KKn3lm~NBbYS-0K{0E`Hj8;8_9H?~V|LI4Ez^$kp>;GO
zbVTh`eO7>Kkb^f!7i4;BY~A))t1npN&|WRp-;dt5e}4?xOedP9w5sb}e`0j}qDR{j
zzHWoxm8ie73G!$_zG}Aiz3qDOyoZaSe~8`s?1Qu09|s><m@4jB9tWRj&H1JB>*4hW
z3ImYZAU)xBTeY7_Be{lqL+jmP3>&{jEmj~&wCkE#wNX6UYYodZqL=(=4Eh@S&Xh)C
zpzsh8l=zy8H=f+QFAObSh&5swxhz6@fZzh(g&uQ3pWRpJN*4C~h{9pT*nFX`FB!;}
z>M2wTKp6I6I;sebwMy^rk0u`?o2tMjDg6VBvEKoOtyj0S%cZ=0hC8d=Cw4#~Io78T
z5avLKayp&_XTIn8Z`z;p!YP(OZ&qge3hB?(Q1dxjoA2g#nsvV&cFd6bBe&#cq%j^T
zdputK<<Prze)|2i17i|??^hPm40Ik^Xama{2Fr-ML8FAY4#m(roJ=)5fSX9Q)*k(I
zl93rX9~)E3rU;pp0t{0p0U$kxBc019K|PFmEgNr=FN|5q*94sRHxgHzlw?<|`m}XH
zPD1o+w3#4_-=^-yR9h3Q7>eHDxNZJL<gBl8wuL5QuA2Mig%vlEq=x;qM#nq2fQWST
zVU~F#D~oO%h{sb(b8uV@vvk0Uq^oeeVJfJ_K+r+YgdO$X*j#xoR=RDe&poYDk}FYi
zPdpAC{-;*0&AxGJFa_!Ntvl%R1g)D}|6;k9Pbmx+80G^T@ZV1Uw=b=_J5na>r0GXC
z;MX`TR&L*`<;<UZm!%-o!EzBXSTqfuXQ+%J81O@{I;bS?F0|Z=@@z@ubI=QAPMvyd
zHjTA8&Xnw1qmB5}G$3w;FX;H@(s{)WJJ7cV(1wr&lNq?SY+TA??vkXsBruSyrCxgn
zLKpDaj}|jFo1>9#02|*>oT3}fBANAoxlk9a-0VbB_;vRz&VE0DZB|TKJ<4s1VR^Sb
zjEHG$qER)_Bu?CpRg@Zptb^j|V@9^)l;GtT;jjE+8=6mUTz-|}UmY!NR|#s(c6}(l
z`vQca{}?{tdEJS&E8~LUx2jkek)*qjG=K6dqa=T;eR5&?>(~n2LVOU*)vX4_g0Ur1
z>j&YoKK}vZ^zS`cJ-e{HKLT(8^OS)GM4b}SVsCCFcFJSO6z~IBeYXB?ZDY1>-FzOs
zCYMtRz0$!|w1zy%JFAPS@SB7Y@oSnWw-^3!IcYw7PwGNB&6De{c-y$D#*S)#eM!6c
zLrd_lfkZLrGseW2GqxgAiJC(i!0goZqjq+(`})vBQsU>Zw^r>jH|1$GzC-p#ekvKo
zs;U3*VE>x|hEtR;c)b(xS#<_4<xs|7Y-bViRWI$O)cW>uK6en+i@gc?$U&^z@|Tq;
zqkt?T5!#&hAslL3kGq^D3ogZ=?cd1s!mX;m#i{@laGi7OPbNY1Gv*4%$Nm1mIE^Yn
z<cA<{LkuVS2GSwJK=DG%mAAwQwS0Zc8!fWgh_|~*KN<0Y)I7XkN5VIv=Ig_$-fK*l
zko+1}-_!!f3MJT`F82^F1BsoZKew4yq`}ab$kXmKwXd^oTjK=XM9&uWET2u@t&AC0
zg`6@1e$0_8NZ$3Y+h{F|X>ymC?2XhV9%<7n!p4)FOhafJLxN9E2)Eo}8_lDBx7?vv
z;EOep4&PfA8I<pKdNuFp+#i1$L8?re)S{Id#3cXq_&EyQ<!M3`2krL|RFclvQn9R#
zJOUA+*V!l3s*;<yJ>HbxvRJa}v+lMg)`IhF!W}ye5#0~_x4ZXLPKr-PxmglGg~;vT
zM%={_VRZJ&H!b*PCj@`{<cm{&<)j<$6p@W=oTl!IUIOj%K;OAB3r*Yn>WaSv*(e3(
z#~r&G6caq%pKMT07tp%M@K!)HBGq<v5bdP5qf(PT(a$Dc%|w)~x2c_$DiaOgdLiHq
z`%3B^xz`M4MhZ_S+i&4}kx{+?^J_OK-VXpEWok!@0@|rgJ<ZK&f5TgybUBsCSqK?w
zd5SBEefcMerP$o|dM{WPkd#PK4sjWc&wUvutF_8qjX3QNDCAc!aI2^wRJsbcp&dfp
zc5iNU_*j?KAj13U>MgWC<oI&BNi>fgTJu02rrw!_ONeZI8jV+cja(U);63_)Xv}t5
zSqSRf&n#mzb7m2g`Ov*99FfQ~0Pco<eB_r{T5QAJ6T-bU#{#vBrt(KO-z=JK(~IDL
zPrVQNm9&0nJv)v9v%d<f@6#`a-9jiXl9a1<r8ggFqLnfP(mCY+o<w0@#Al68k+Qd}
zZm^L5OpWL~adkyToj*1IzlifdQ=p~yqxWgx5pe3OPA&9__^I_j6=_frEQJhY=`yBD
zeBsi=fWI`3BFBHM;ztKtZpoi>=`w{+Ck)RCq25pp^$q!c=aP=>gd(|0M~Ajl`A#(8
zWcalsvYegW;9jI=Yr(Q|?@G(zaU?tc`1h-AZuZYTYbfzjClo~PPF!&Y`t1BUd&+Oq
zE=@o3q47tDN|~3XXvf*e2=+AVV%N3fD6>|ZvW0dI@)}c%hsiTW=pB-A)T?~`OGVwR
z9lA2xu0`Fkl|k7{$y8ngr&<oa5WP`p%INZm{t*<1%987mqCF;#$xFylm(5VLy%lp0
z%CP(+;emC4K)o%ahdGJs;6M3)`J+FrKb#LjYlt%e9Fw-VnG;R`d-P2)pD%qDMv>j_
zY};f!WZS9w(hcpKQQmx0zwL&jp8D=vx7<y`TEFZ0KI1<Mm(EKWcD=>S7a`-$-k8n$
zuXTXmf;0J>Yr>qGL+<8p5i~^Z&Rp(@7jFvR0o~#A*o?H~AJsNvT&YoPE7JJn5Q%O<
zc2E!A6zPD*iSe=MlyfA3CY|Aw3Eg8e4y)&BCh`9B#Ei6JdvCYAU5BdE`Boo3ydD5C
zTa7}J14U|dPhAN%g7r$TPVWq$%-A6HbVWIt4_J1PS3teHIx-P;#6drA2#SBj{;O@B
zfjJTqro~pj=N02%Hk9g6w{Go;yJZC(oVFkK);?AhyunVg%z7d_U$@Vjn8R*40Cyy1
zm*mtX%AZ>#A<<tESibRW*yLO?&lx;`NC8@YY~`K5=B!&Cn2alLoJfzQe9#$ga3gn8
zvZ+eN(6Ut%u+%jio`~AOtol7*%VK#_)3dSwMn#u?)tDKs&KF51Et^Hq0)YMVtwm8|
z;@CJcu%gUQ&O-BhO#)$fG)d~Qrr5<gz%zB~^O$2UPAvXpSNf&?DqY95YcVwGd4Q*a
z0*pzw+jR0?L{{|PB-(T&mP&66jjEMfYAy-wB2Q1cQW|K4A_Kw2Q#cu;>i{VG^VArP
z7>wOn$D8ou(?#j6{{9?pk@E_?f%HY@H6Hza$+f14%&=rKd^dbEm833G0a+~(#&gli
zrS}QJ(N*FwIP2Or;9~apj%-QRwrwBIpF`PhEaAM7O`c$|n9B~{-{(_;OP+_GTueS@
za<uwlF>Pz+EVJ(;(T>K0PxmobMV2S(0a$e(Z3s<$uxM9X#*qV5K_W<rb5rnEaS~v1
z?B~UbHJDUq*&+Y<nNid-M8GFYax?<yZ{hi&LOUOm6YJj&ICPsJrfEx*RPhwBvRVv}
zZgrWtP0vnD=sId-Lg+vm3-=%S)Xrhr@fASVNQ}L-urCRoW$$ZA90`@F%hYu2%JoDf
zeewRip>cE1YxfH>EyD%Gz)-AERV<0-;p{DNGye98$OsI*N-*HF58R0v(0y2}A6V;{
z(j^t`37}T7WS-gg-cDx9t@K}WaUD-~mJ&OVvx;!`Q!5y`H5u}f-#Ck8ieSd_C2SaE
zf|QB&8x`VY;L&6BEFO<4-L58EUh$pXNvWn(sTn*qJl+lDt2}<apx_X>8w_^*9k%FI
zd{&k4LeaOV>Q&!S&uOeVcNF7mD3#JQ@ZtUsDO;PTN%*+TvLi+-Hqu8a0WqfNR#LZt
zl3>8*G8`%EhZ=wFX4VtefrGQqnAg83=B9PvdiuHpu|jYun^l7tTrI$w%q<M&pgHD6
zKq9z|4LExi`MK97*Z@KR{doCbP|z1{h5LEeef_^6D&RZrd(Hno?FQk-&+B1{t9IqC
zMC^uMX|essz(hSka%>qBk+(Cqg$PDzo+yF$4)+bF_mkn><3Q+tkfo;7;^E<9YdJ_Y
z%MBu2@6A+;|7Her!Yp?t7Pmv@rGr!EDTbhr<(s^U&wpS2f1zYGFJBPhKcWA&FYxTy
za2Sa4KS<Ra$4L*v+HB7PJ_~`#8_GJd6YNndui|v@BYG8ajMynsrvBBWXZA@Gdu%Bi
zu+|anygL@8|3La57};f~@8$e)u>J9V2i}dV)%g+=lFb;l%*O5bZ|s%fjr^|4fpLkA
zk%_Q#=dG-x-S;i!@2iF7FBv2v70Vgvmq(x-VRPuiUtLWkvQwlS1Ep-%XyyUbR`4^O
zN<uZu0qq-h|5L)|C$T#Q12Yx}`J9CMOUKv(G-Tnxk57vQigWEDZ(VT>4SPqJ1^cS#
z+Xi~#FChPW@Qila)Ag*oy`6T;=Tw84MELw_;QK+M30ufz#B36AArSlk0C|E?rit-<
zK-KjbGA<Z?Y^L`wp?3GMt(a5MbBYuFFd&kgv+c57T7cV9z?T*dl^)B*>aulMi3Tl>
zN+Y~yLzi<f7D207;RzyDFFdEhD#QX%w<{AiTGeldd=*HDPtlw@QDCUdQ}63smrc->
zBwr>g>@Z2Ds~d3=3*dSm*6ndZOaQ@gu%`%YS35tzs`IC3)LBBZU90sIzfDUWxQxi}
zCLw2$$PVA5?tGfjsVl{|g!SuF(+GDJajHOt>-A4VT0{*wQhPe)_WW%6o&RU47svtc
z!{dTArDo7aYB^B2w(_mCNPY4l7~^bvWQX<M9+jBZkdK}$7d}O5!>5Uypx1n7J@q<C
zwh{XpZu^{cr{fYM2CW6gkAl>^{R_=<dsH&#r<xUew<nK=B59BD>A9t^JP@2B*M_N@
z56`PO9z3Rr=4-kX5U0_`Z^-VM*0{&GcYzc#^vHJ)>hcna+Tac}66%G2Y(m@op1rOQ
ztPV0FH4p6ck|}UJk3t#pd#{fo*`^h@-LFF1c7`;t$4@(!wgbaZe?aph43Ir1(C&(p
zbrGL}*}2dOYuD*zmxvpduc7U;*8Tcmb_jqsu2qhp{;gGNnK0)@r1`1%sGKm}?Ezsk
z&lIIlsU50tcGX${B5xOzoz8AWoJ0mmm+AgWoPQWt%ddVSrnMB<^>FR+OG<L{&30(8
zQma0#3j6^?<-|l7HjqRQH+X<iwIsVF3?aX5<B<X}Dy_R@OXUup*APOXd6l{?4!4_f
zNifl$P>|5y;&*2oIY6(;uV_5nTt4&eWp@*w&Z=iP?(-bFW7b@FN5y#zZ_-_!fGtaG
zm>1oy_DxAu^ezh9JKQ}RtntgsgFPa%l&JO|3OCtH5o#bLKkZsZ@(uH=Qe`pOnOD!{
zVgO93slm#4J0<?(f6de^c>W%~nNcdFzRw&lbf%|8{Wsn1`xl?<L7pEk0KX-<G#1;R
zm=98F=CO_&m?PysIPdCD2{18*)z({&OjqQ+8ym5V%!}ShN`j7l>uB)n*jx~@me1cK
z(%de|X?<q_XIyNwta7Te>~xi_tXh?Hrof-6&L`-|TTr*Wlvs;UlH~bfrrPPJDL;)q
z?R_GvETFy*YyQ+tHTMtfrI0)qzPAnC00ZzP(lK%bwH>uhyrB9%;{7zl%aZa(XUF<|
zTaeoL0MyJDBplO(n0qIE2rBkVAU8eV-iSX^Z#N^la~(~Nxd}x4gxy&idwPoK)jxCA
zx>TG4zkQezEobeJ4d%QBq<Nk*J5f4t_8fs_1f?1p(OYI+Dsj!|;(*%%3ZYHgc2l=O
z!a8jv+f;lykJL!`og24;w0MD`+F>g;L)^lU2*sK5D5y|coU_=RT&O=ukwsA7-6W^l
z^j`|!<9`S>rNX_2N4*QbH>Bsvm^j5cj=lXS65JZ|GN;ePR5BY)PC2g(awG=D!f}cd
z$g@>H_s;YK*eZ*L_=oM&g!0;1*T@8-$juO4`v8UiwU?b`&<<h>)-7h%r4U8K##zMt
zb_ihUa+@3p{~i30$e$1?9Q`-A4L*sWt*UgHLJI@ZHVR9)ynFz(wCM{f+v&eXA<K}q
zp<{t56`6PyPFI2Wv=j2qDOMJ6nEYVIag!o6n}#nf>usTgDoG^w#(<6oU8BCqQBwzi
zcvpyEP70IJjQ^vL7R~U4C{N7XK;3H%p-)c-dv#G?MOM|TKxJZ8eH=I*Eg@^H5V+A7
z&0%8!zdzCdHU(%RZq&LDm%uAamnc~H86#~cV||(S?SroVY{y~URGWnpPJ5i-;48}h
z7P*k%il7QhK}9<H=<?;Yw-n<oIL*EBmiCHsjhYPm2@QI#<JwIclv(tnF^l_@s|H{0
zw*O>aikVwI-YB#j874fqWppn-SyDH;Pf&q9t1n<?0x@z0SZKeo?--!9Z7k$a?R|Z2
zPf`FcsLgZ*tp8_}o~!PkQi#Ob(mQ|M^{T#4@civ#07tr5>=|q3L&C%a^Cw3oM{*?+
zxGb$^cpRS)%exy-9R2y^iq@6lG%^77b2}v7G*53kcuL|Da4Tzc)_ls#4SsP^B9u5q
zcRQ)7ozoU|1S3O?iD?8I=FM{A;mn3>z<2cRooq3Wck-yTh}Z_)+-b}vM}}=iz3oR+
zTGK##+seSL;m*q%uIQH*-nLNQ<fl6&CqyXP$9z-;??1{Dx;Y8CLn{-vTxyC}ji?Qt
zt}XccTZg`c0lKBVm&VJf(KG4DM*QqFM?QlsWz(C$M&k^!PKM7T;w|%JKwu%SJ`ecv
z=`Nb^k+deQJqiR}fcKWoR7!kEYwWeEfS`TQi7Iu64iZaipULQdL#$9vD|I&5k&6~0
zkS|D$+;uj1lQH-7&^`#nmT%9wwkQiuLX`h<hf5#gKeN)3=l;85>{<L1Xs5B^-LGR6
zjx?GUQyI%`dl}DeI^~d8VDGV!@L(V}B>`~$J^t?LX^Z-PrZLzfZ>r_9B&S`4<#yIO
zE|Suh>b6q-Jz~R9*SS-&2P0#Mohy!xxH9$&VZAWYNrDZ-LWCj=H`|ZwBs-`?l^a|s
zrhl*Qx6+jRFFejBcnled-rOc%_TRpWCjW%>E<vx8CYif)Uk6XyCok>Ciitl;QR%!1
zC)wJe%6%6U|5HmoWZL>2a%2BaK?=gTGPfB8PMlpd;@rGxD5}JQlwy1ZZ9T?`A0dXV
zr<Zjht?Pb26EAi^qcM5A>w4%-=(p7Ubo!Lu$P{m!@!+KbATTQmyrgbxL7DN<5rVuZ
zuB}V%%Ghf&$bAXf>FDJHtsC(aeQx9!u0exSUuhwv(pAEH_wjU`M{!%i)R@n9ox~~M
zQGExd7rS>xi<iAMDqd*=W%Kw4rH8OseYnD&-RZbCppnY<_BBBeJ`5@wVFzkrTJtr1
zBd=q&V@dR`Wmz|08%-cPU?od=6m7C!$3A0Bf`VLXI)T*d3MInam}*J3-Z}$qp<xYx
zg`vz9UifyIyZsI-_5!;9pkmV@Bwx<sO&!xNQ~{;lhp;?8HYR-6#3?-&4diZ*k8h}v
zryvJ6#CjBC>hx3Uw%FQ~)1p-}V^tm8TtZL>h#J&sj-7=3QBQ*sg*eTj$*fk++7D!2
z_8)~vm$t-4-8#C-^F2c&7oXsG2`#UovcZXPtdhMY16MeKFR84%)f_OvE{BlCr-|at
zLWN!k)vt4QSo0YPbai+ySOhr52aw9`(piMZeFeSIk%RR6C{q{G5ZkPV+XD`~ini!S
zU+AB42wYpbTVP~ka-Fk6A`CqDesxJ^p+UC-U;g}AWG~BO7D0ZB3VH#xSuukQ*JLtP
zK{{kcu9$p<bRQYGROc?8B_fE(>=X%q?c6=%5S91(;j|ygo!Q~U?4o8ALnf^%#mzuh
z8AL$}sMidMgvX1h@)($MZZG&^ULGI`!yzlWpD8U8oo@U*jxB=)$afC5c35@nfA1TM
zXS!-B3lC&>b6wYU!ezNT7rLYV9R+~LP)^24X<QPg4$f6-*8eUFWe|wZ)~cQX5P@iN
zU<HoKmxHgG#68)e2cbJVPV3Sw17YZmlOn~QOUdDbps*a+Ll?vuC^1o~ez|rf<Tf&s
zhcKqA;RYF`;Zhcw8+#@nZA3$TvC_N{r)_V7yc@bIh6Z9NC!Xv*swJFMvBi5#!Rv4j
z(~wKvm4uD^4xcl!UJ@jbNef#qYBMOfvic|Qbt=75b)HoHjSqDtAiosQ(3X@`mju9K
zD7UV%vnDrkQOAgZ@E)377mlxp_1ga`3PpWiHgf2@n2XpKhG=qklf_JkZYG%pD%1#W
z)0!0!AK57X(B{|B!69$P0iYCEKL1FBgx6lxkX3Q_u&kcn&28hQ31KD;oZpr;pmt)P
z`xea~D+Tkb#*`!KY)Lu^55BaR);38Mv9>-=%t$@R`^B&lz=H7|Jjbg!Lor5lbT>zp
zj?WV|s)S?Si1HMPU>d@u9m{-=|GW4{Lx*{&i(%f>#PGhc=~tb~%~C$2u&`UyKL(qo
zgd-`za2Zo$6l;Z?BE$CAwg$-c5EuW&O+Y1~C6RG9uvR)m4)L0CSArs3?z#4vYeL!t
zU<C21*}1*#$;UABXCR{dk+H*tnTj`rxn1&0BxMGb6rA83QqH-0#LMA_`DE*u*gvU6
zU%Fj>tB;XYhwA#1w;bxB+s9svJ{kz+8rCc)-c^os?nKiW7NSUvvfD0De}^H10@%T&
zTzgoxemPWU*Hv~V124fKs>&Qz7IU(8uea|<_M1)D2$namYmwiu9vp~S?3{`(^DXpm
zD#5<v=UNpSQE$CgQDUHe#PM_YPA+3LjwR7Dl67aF(=dlw$M_!bRIFAKMH0T_Q@yo-
z0RzAC=c1J3w<3+2UNHJ{p-K|FbPx4KzkBXgbuUfzutc~6JYEOLR(`6zi(2k+<J@Uh
zh6J#q=86I2z7v#nOKfS#|9bnwzU}fTQlWLjtP8VO3m9!6v4jDlSU%^gs<}Ou^N0&%
zsy2PG2o~eoXVrF&f1WiMm_)z9r~7lBfja*xC3~N2om+whLo~iR^~Wi$22PpyNK&aL
zcP!|DUzcp3<{%&+wmh~#JPpH)i&W0gfjfxKPC2XBF8>j9(S+_ram879A;9uyPZ}h@
zM<UmQIEU0ft@JcI!J-0l(bwZ<=A!DGUD@Uewuk=<j}^)~1U`e}$_sX+U|rPP$y!~=
zG0z14P2>k01A*B{xAXA(>NP=%WP{`k6SzCLwIz>!{Ayrq2;V42R-CI`fNf9KTW?&y
zMb68&2k%y%YIx6hZwLe-!rnbJ-Tte-Ca7m<bH4G}Ove!TJ`~p}#vGZw)npny2&CY;
zoP+G+Qpa@tRq3$0s42KdHyLBH<O{}Outs~*k1x!j0g_mxxn~1bg5W@_9-$Xw2Olov
zoS&h7WhcV-yw26C;uy<?#ECH9TkUO;Tl_CnI;<Pt_=zy~1(_Qz-AZ6=vTc3VIYs#D
zfW%*@2vnX<i2{Vb?y12H6z+MO8b|Upy+mLLRAL>0&D<#H6Qc&(KryGNuh0ssS`TYF
zVvyb}k_Y{Q7f<>(+KSGUc9uv?`C1@~01N%YCpBG&&aZ~W2>z(u#f^~~C|c;R)VqZY
z2R)RW8WQzs|4x$joRQ|YRQWWMF3gp;B*~9t)kMr>oP#OJdB$f(M4P_<p_w@hIC$Zo
ze?K0$Eea<SU!8KEP=~D*`_gX{rA4Bk6~b!hHU-&xL6||gXbqI~S2w{t;=?FOMi`{T
z?V+qcIdHZ-3SP7ld)syJ^~py!m>3P1-A=wyfyE>Jqt(S1N%j$9phi$>s?R=Kxc_O5
zx%7)YkGIfN5F8JXVM__)rAIGT4fPxX^>+6@j6n`)v<?V+g%lA93qKPX#!j4QU1D~w
zV3zZ}FfiMq7uV0}a2Qu5bfD^?QTK%W=FQ-lkwDw#B=XqYWM60p%Nug_57pcCxr>?w
zAqm4MQv+N3^i1fg5aS*if98GHUO({C$7%}^`BF+&(bItQpsFt`Gum>5C*#CfW^0K>
zpyLv%Tt{SIqjIzg22u-g&F$#p@<T(MP0h*?SnG;el@-!DX3T}-`9x=%hPvZc<!_ls
zpLe96#H2;mHnLsa()j$iT(yLH<MX{H>usG`5Fo;&Jw8kzL(`3#U@Z^Fq`Ld_%x3ZZ
z>;NpKLOQZuM?kR(ThW`8f||OB!IJ}Gu^mhO_0-D6QK@2{Or|5tKI1E{E0p>^vY?0q
zhBZ%%?BZal#m%(Xi_5Q_4tAdvBA|`dfE<a}Q*PiS4M+~s#N@@q3@}c6**Z83W0DkU
zCkMmC{QeowOE_U1yJCx9ZMJ*6hi;+pE&l{(khVS}^*i;LK{Vu7uF<z``_m=NUBC(d
zn=HY-3c_KaItK*7z5vqjx$R&$4s8-j+TUA;W`zx-=Q7V~!e^TQ_@?thT5fLpD89=X
z7Q$t~*Wv`~l?v1ajZ$nbJwu;7vkE;;5vjIKw-e4q`W&%r;+1`c{6nN_meILdA?*#4
z4Sow9E5f~5HLR7!Wq^5ZGVG<M#4WFF46PEH8bx^^!H6;ocxGD-T(o!lFK+T^BHsSa
z{KWLk*<(K2-wLo)KR$H6vZ$RS0};zNdjh>hNg2Nj0_jKYcCy^K2=Ln9Wn&wm5@msF
z&GiD9m_44eA>Utq$LAI$3c-=Ix=+j}l#R&DrzkY34Iw5DG_oOKV+#9UX5M;vAAwh-
zjY@8zmc^n%{cSpsAE{3HO2@!%_iS4|cJF)tVjKO8B>iepmoR-$=^cRjZcwQ-MCA-#
zkoM{{@JAe>SHY%5L)`QsBnsZB14jrSx0@mc3+guTaxpWpettVtKp?SaKceP_+tdVt
ztfrCk&1sPA)OOkY&qHFd?#JCL$*^=g*#~)0@l{Lx?a*auIvAvpy$^jw1t|-5l4Mb#
z0rsK+{v_^t8&umgGle$24YVgO_kS57<V<?>>Qq?2aY9UtC^qxeN?paTknB+Frt*|X
z<0j4R9>$`f3}P@~X+YO^IeO|I$asyLTmBoi53iI3SNml)z&YI8e~IZ*4~3cjz9BOy
z*Aha_&6~8zWxdw{;UhjarV)g6g{PNnx`yOkPONJv?|IQ+n7Vubi*kH#WW7OGJ0rRU
ztd2`!J<AE>SEa#+R+a}>b)xI1`N|4R7qN+E;3xnaGr;=>2EqFB)1@an2?71sm2R7j
zKc4G*M$uQ2UXuWx9PYj^ijm-7jU#ShfLiWv#40lgrA#7DysjK`hY4Mz0Ff*%gbR3n
zh-giLrcP3q2TK!qvL(^>va(y|Z$P+d^HHp?<vzS2VPdbQZ80rN2b<})-j7a_qJTBT
zpM(`zJYCX8b4jvVNjeQ5BGRR&4w%S)OCjvwXP*&)gAY@sid^-v0;}6HoIh++E^rRl
zmj}x%t1=`akfEd#DGV72a_^_HKyI=8mg_0Ikm&ohWRMVEg#|oc3vJ}rZG;yiL&KR8
zmIA~=pGW&A)=m~&cro=K9m6ds9=euvu(|q>3`pljc8sncdlZfs`D<OeLZ@Il(xy`K
z?Eked%?n-@l@c7$;Cnda2m#ON=)4#;ME7rs+_CMof3ko_49O?t3>}wQiIG43(w7(s
z@@`k=%FPnqNN)I&v(Wg-Hn7EuTmN<NXiNbDtC_`d^w5Rr`e;2cUF9U(hXqfMlN#(L
zO8KD*x=ZqsCz@Q9tWoGlvfF`!NXmyzU2P0yZRiEwQk47?a^{PE+=DuQUD?-Ch@VOT
z#;Y$LvJv^%U2VZBP!uL?K+~ArVyk-mw?k8q_M&AA4=t5AUiT-LFQZiBR}pWaJo0)L
zk9eZBtk&hB301MZtuodK$8zYaTs@`Cq`9k*!Rk*EdENz}0IMoDBx$ah=K2qG2v|zT
zshGhyxGaN2@yr%@j)8E7v``!TeU`yXI1^~!F~OcsXaau&uKjx1TwscFec_1fb0sw;
zE<{*X-<wTg+o1*zz3e0-p5P@jF}(uoy(57GU;QsJ!rAv5b?N<~KA<I5j$(|Z>R!@^
zKG9Mi;|9@0_s1`rL4eZ`75X;%{Hd-w!)woxRN${}ruRJ|@;@otSocRK-#XSD#~xY%
zdxrjiuUp43{_~E4qV>R1_mjWZ<6GTjV8fcXkf<F^XXJd}cf0-6pVLAO9~tz(V=rg(
z%J9!cU}k`QdA^LV@7tf!?Dz)ou@A>i{%_bXxas@N8KeWb+YG*j6<g}G^)mCwkSV9Q
zxHaRuNC;j!&o^>>kjP(EciP@BrOhJ<1cFrSrWd92fa=fQ)ZXG>IZ_#7i@MjpAev3!
zo`%84qOyF~E4SW9)PD;}!kV>1mkOCdw_pDnGYgf!`#$>X!k<2fV}E<~XDIVEQ2*$9
zl@=(KeRsi3T{`MJA|KqNqwILC2^IMJb6<NA$ra+71M8(Qt!AX#9T3X=`JkpZiS&8#
zam^6<sRcSF1^olQYyE0qstzI!_<XX5=4qp$OD-^aS_eKS5NxY+_FL+FmKl7W9_^E}
zdzmt188@iYVA>Y!r#H_{m)eCb`?x-wrX^unpymU0+&){gRjOoH$dg`Ds@SF0rx|37
zZnwNaLz+VUWbisheSWRmpEp_?z36^wgP*OJck84|e}{p0r<C>gT8kHXa&k1Y^FY4(
z5JO#T<dTVzKc8J6qs;z3Cj5`Uj~lKG$Wd6vD*rH0iOkNT)^^u>Qet=-vk)wo$-j>@
zN4rK|T~JBX=QKylC@C8M??hr-(EKvyou)b8Qr8RXQFz*cuRvL9*g=>fP+&DxU9R6-
z-}&R=O~z$A&thshY0P>B^)lK2W8Qb_JfklMo*lIRuAcAZ@-XOj)t3T#z5)&d-{U~<
z-M6GetG|veM-db+eazb_DFi!nJ+mA6_C8i}rqV|@ecnHw<{#Nfz7VOK4H9FJ+xvfi
zO?^?>-fmKN@a=RDuHv0QX_-(&|MV`p!=!>4i>r<(m!$Gg$tJua&t<FofJWHecGmqZ
zmZDo^I|h8DPYBC2qah<AR>4j%!{<l;aoUNcg)J((u(Cfz3_?|OUG~8*sIUS1T8n_^
ze2eKQYG(!zBHj@W!-xNx+>hF@$1^ZRnJ9cwKhXmtF|5-7{tkmy`pcNBm^SDIIg<fH
zZUPBH1vuym8gM?Yp_-yCT^K=DfRGOjcssRIoNwU2#9Jyb;`L|mSL)BYIWR;$upyUT
zM_#^BBz7l)w;RLIP}tR2^mrdq#YD{DMD_m!3T>S3{^VnS>d&t#vvK*O%!brF*uRlW
zX!Cu|-2NW#{HMdp`tJleC<Ycyp2#X|5;Ji%Jec3I?PnbmEG?u*>aE|oP)vk=ud7;L
zc>x_8ZbuW0ZJ}NP%bOH-(gl%c&z>bwZG#<{vK`_PX<Wp`Z^5S&_DKZDg}8@{(Js70
z+Bo>;$E@Dv2@L3~-#x&@RZq`?zKb_0g$Fgb2eqX$oO<E|iUnaLcS!#fy-pBTYH?1y
z4Zkl5HT^$?y<>D_-Mj7`+qP}nR>yY7wr$()sN<w#tCMtW+jctksXWj5?{~j@oHNds
z8dYOWtU0UJs(an@`dw2;>nWVuM!wUxo9}2#fOC~(dEN(1QhpHYS}`&rmJBu|&CaI?
zX<jP5vX`u<zas;7E9mEZNIV-Y{OORyC^JYml35Lc7OP`-Epr>hTPH%XyhV(f5QrMd
z7D?f>QO8?>q%uCK%wKDn++X0f=$qS868xu+`UA*G93a8JbxYcX0<?uc_VD8Cnpu+A
z-^HN3W)Be9f?oI9G2ECjZ;(usPXnY^?U~)7Z&eKI)$U#4AY7^1`)U`_O^3*$>MEqH
zs3Em4_iqRHvLRt(v>^$9DvxUIr5?Q^nSjdAo9J-$kUR%X@A$6mwk8g0vL6aUn$=I>
z3d20(;NKTdPUzAdP*SsBR#zQt41jP$RV`Z9SJOfWK*#*qz!=hGC%Y;>=l;FslWFaw
z)|p2@G<zAIv2W_q8IdBiJ00AJ@*YdE_7IxClybCR6oyrq<Fgtu?G$-!;UuKu5R+>W
zJ80K-?$r!RPST|;*C|gDw~mSCLExygR3w{|g2ezvkD4i|1olF-%??ee-;R6s62}@*
z8Dx^s+<{E640i4MQLOfALAWMRk2;OyERutM3XaV|+|Bpc@y6oB1AUzs_R(eSIJ9qi
zu0|^{I20^}?S{=6@wjn4EM-hVGngTWgO`e=t@`X?JU__+5+!H`f^QiwQzjN7J=hFm
zGwLRKgn52@NWTNuDTMmYKLS}#HHSJEh*J9@_R?2qhZOPzix9yRQOvG8I@+Y#;hW#&
zW}&*QmM9ggq{r;RQI8x$O;}0zN?va=+lK+7*`kK9t%XW^jr&4aCf0+xd<9Im?J|(c
z!X!622&p@Q>qD;veE`jQ5!@%ReK}vjHO{ZsCHm34q76&CrOtqI(+$fnX8SCiPD?vU
z;t+eZSKhsryTc97w4wC_nn80RzY09o-y^U(W5J^dtTl(RmUmHjTcwi<CXv~wZ<APl
zngVJr#TcDb=`wo52q?5L2|(KO{V>rvbhjaASG8IwX;0B6>NP;R;VVoZ*ee66K=cS9
z<+#$~h83Z;92y{MwyNrNl`ZK@6dh9ciNgRz_RA)XEt`lp1bVeJBvm=h?X#O{!s1+x
z@F3_)Eq);tBW1n_s!bEC=8<F~L{`2N>LLX5&L&SJQ2s;G);p2Nv4InVOdX4+-IZSh
zTN0Z=-bbYJj+TU*zS2&Fq`T%W8Av*vM~pP8*lVAUx@!klkKbGiti{DQkA+`39tUAz
zXG&{*=2(@mZcp6xM^mUWIjU_ZB-YPm*HWY`n9ASymTH!z?`t@8NN$~Td*aRaP`ONf
zc+ssV(clteN99E4jkdGT%{)oRp*BD*yD6Z#wM;WqD?nW(n<Yp{n<q5=#lLwqrC}uh
z07J#8stcz;2i79=@kNU`Y`Yc!*PDNgYxmaUKgU(Xkl|MY-BF7oGy>sQ6FcD<WjXH5
zoAq)h{FSiH>l8n=u!d#t6@k1e?g%bUm<RIqP5Y)6(Ky~8@OO#34w4I6h7F&mv}kI#
z(L{omC4KnBxB#~d7&*XK8Y`$<F;uGZ!K$~x+IizlWR(^r!*oy+$MDqoNSf`Zu!3DY
zBeZO6hK$rEP9><0^F6u`!nN{FJ>e1YG37x(*~6cj?E&bqf+*y&Y<aI`Cg{H;bD;^4
z%myMuFq$L?3oQc+o7#HIX|hF_ZY2m*yeD##WCrN(3iNJv%nVZ<57pphH?hsN>j9ff
zdP`o%#D9oer5_W{zzMRjd7s8j>Bjdk=fUTn1{WpX`G8!c4x*uK6lYmpajoNkX?9Xr
z3xeT4Uz9N9kPW0h-P$mAED=TK)VuN1>sXzZpcVqzyT3c-gKExQya?l~X~4z;6A|<U
z`|U<4IU>4OPQwJ--LaW1r-J=r9yH?uXx=h)W87W0Z-l7f0#Tagra%lOz4@gWt2>*R
z5_F1lkK1-NoR?dez>6t7;je3+fW%kZwa^oIiYS&|`yXN};Dk{G4un`bMFSdZ(lg@n
zV5b4_p09&1CsxKW{aRC>wZ|F@%&_vZ&W5TFP`nd!C5WQ={<$nn6R`}*86{tBry)nL
zh_1dxe&Aanzjm)>clDJ$a$Ik7cNj+1mNF(xpEgQUTEP>Lmb|4zR1R@VWZSN$KM_bF
zViH~GPmlDX`=pT8{^UahJAw5P<@c60<76sE>NFsFEzv<$52H0*=v*?y63FcfNl+<<
zjTjA=o=_<a*RpEWo1-;5CeM1asNlL4WpbbqoG3n5DZ9>|>f?cjRpcuCQ&bHanYSqx
zq4PHS$H7~Z2g6xBEtlX4ig+IAnT1Es8K==CJW<bD>+u$&&aT^VHv*DOD_IU{&UJ_W
zn7(hi7htBXBC*))Ht@RpvUk;=9Y7dK+PAs#U=s&-q7y+6_{y0UZL5?Z=}5Fpi>f+C
zKb*)z{D9)oB#OAc0Z-Io839@T1`YboWA}&`u}oHL6crvX9-zevb09$<5v3f^9zqbi
zyR`k{r7}nq?yE+=coOd0yZ$ExmY{AA(s?aBz{sHXul-rOKA9%vxFRJRVv$)q+3fqp
zj)TSE0Ch3G^x_;}1MwkwzjKsb_Re^{=#k;X()s3R47Cj{?F}_!QW`&BN7#A_76@WJ
z0ezyp;ey3HtBiiBK*0#&E7|F>(G79x64GJcJ@mk+j7=`4_wViN1tVqw$ad6amvcsN
z>TD?O?F<*H6w*cL!Dg{#Ui=O|J?)JlRrUHvZby&V`V~KS5YAn0ZA33>!3dzgY8}nT
zg~@yhzxSi!nH0L^Y}}0O2IzSNRMm~vI%^R=A3EdE{O{mi!j5lBNHfH@<AUY;X4ZU=
z%*SkOv8TCwh+WM@k1J+8P<=Y^%Q0U`C>2Y|391(ob`>OHMF=U??=sX*4N+%eFbK(g
zm^cvGuxMXcfV%y+TY{h9>oRNu02-(L-&b5X2ldj=K<zM-w+oA;8N+FYzKBaY9w=<S
z^rH~%CHIL`DX>nrlU?+v)89c2ahZ4esVCI=63SVXrGCw&&|to%U@mqC=py<Z6K_EV
z+{)qY`@|#(h>L4+DAGP;%#JR1CcL28$I?UEXo}x7=SLg;RxN$kS6C;#6{mNq-pxw6
z!@<17Z;1Srgs?ZK4H{{@gdI(hPntY@I03B2#bp*ZkfcaX$(&+bHSFS0yyhs26xvCb
zCzaV8v2;Y`+bk&*8BWLDspY|QqGRtlbQn~vt=o|nx8cIM2BczshO%^DVA<hVr|Cke
zRsST{%zLzM#AhkT_o~w6a8%FGzKAv^9|eDjv8TLcpYBrKjDx8qn#zlpE|xN~_v~?c
z+EB~KukU-~Eb4h62(Tg0_}KHm?s=L5xGQ{0e%@>WbXx!ef-eQwzn}d-?-Mv^)rtSn
zdZqNG;Va-r{)TX+9JKziPDCk9Vt|D73ij=C^LAtZQEnDY$^4^msrJ05&;QHX;Qh$I
zXK9HoX)Y3{N5O|wQ3{~bogwiRy|<^r0f?iVH=^+CaBg&4j6RGuwjK<209vooC(7L`
z7_%2UtIR{%_e>`%m{JwK<FF^}OlT6j_+^T5d!<)utMWkmGJi_n%Gbz4#Gz+~_e+Pj
zk;AnORmwT07e%Gs&qT9NI|iCZezCA81mvoSV79lJ2P`@7H&xE^dVz@ucI?WoaHn(v
z{~YET&%>map9C^6RUmDZkw3Y^md}_&$d^}KGx#bcYP~p9#`Qn4qFi|{=IQ;yl=0)l
z>N4K+KPHG-z<#<-`C>Bh|1A!=u+a9lO-=1U5@*Fr+Oezb!3f_6!rm=4r7&D5Tc{nA
zo7Mi|ep<o=JNu3EH9d9s%0J6AFb~uuA`m8$iNL5UEVer}4KrF^k8^C6nZ^rQvH&C(
zN>6lu5R1fx#IK$li|Q}kyy%B(wvL76R0p7#tV)eJ@Iorx;{sB42oSXSQQPJ(mX>L!
z_G31x2EL8PTBm1GB_r!N;z1sGW~G(t9BJj+a7+mopI5qz*P6L}5AZ|baJHrP4S#!h
z#~2uvc$yDF^5SW@>V~S)Tnr2c0VjkCV8q{M{+hQHSl3*9VZ&0EspEC4DYL`BR`p$U
zUg<P)F$kAQ(0!{+V(Zyc8nL(ucT08u+(tw%(O4GPM<@mBRuXq7W%l0XQ^?ypFW9Qv
zg2&pntoI+-*Yowa;NLI3=|&VRxfRB#>h7%-?-P|{^>Gd&nWKy9CQ3wVF5=aGR{)`G
z*ho8J7EETFV1vcy(M)|$q@$9rqk1J>I>a)nUO?KHsW&4F)pOv7;EUJopcm|GGqub-
z96$K>7v}@&l+d$Ab<i8#e}5Y*X!aWBSw~&<$6%RahN<wBwl1?Q?f9Y~t-C@)B?iQm
zNjJ<3(KpTkcdZR1@I;zO-HPY|^#qN(yPPc7ZZmLD%t$2L4@hcZjL2hlH%o5|xH=*d
z!MU2~ae}{nbW<5w_YqouXvXvBX%B<jWyr^2G!SEn^N@!~$LjU9m?Jlf7@4hK0#nf(
z8;U#i1*m8zGTEqf)mX(^8N;9=WcN*BD5*oKljO%<B*(03jQmLxtGssN@OMO<7hv7R
zLe}`12T)U<t);|H?{6C8#YeUASZUiMZ)NYTZsMZ(dQ{VfcoAZVA-YaM3q*)3*`yjM
z0KQvVS{PS__b82{T5=7Y+re*;USS#5%wq5es*CocFEq4h${<}u2Fe%>Jm4*+3#&Wx
zMD98@fAQt<u|%P=l}H$tn1|I{-Ax#%U>uWRJFHDhSJ6kKC9BU>Zv?PKrYY`t)GdK!
z9_Q};8;=Upyhq^4iuB!R=w@t^&Q)P{QdPr=A>c)~<rAxSSjKS3jP%ARf}d+(yaTlx
zA5fcU&eKMtuRONkmE6OTy^`eJbUZVpVH1+aG7^y}iD|)DIv3M?;~`l>LYwa49Bt!>
z)mM=`u!@fzk~0gLPKgy${L`5uZA!~nlJqG`Df9U}Y};z`{v7<ywuOq#(Fx)xs7wgq
z@mf{#&L08Kc_s0?<OB%!or7Fq{`_j<qPEB-y6hk>#+N8tQLI#85lstsA##=YR`WQ?
zOeo;7;fHY&63(ul!BJx^`jDC(esK`6vxpVN;}DKq;a(?2RXA?2$-hr_)WqnJJ<Xm*
zWCOV?vbDH6LQD+oj#c3H*^q0hX6NH%yTr#CRvLx_a>*oeFRpnYvBu!l6r`ZtQ2@`=
zQGh;3iUvP34OvmHL=vebz`J6bYkg!&td*_uYpbcm>;3DX*ZVXAX_a@RT(Fq7dmzn@
zdgZWA5z1v2j!C6?L_tBA&{{}M2h`Z`>ufiyYDLke8Qkh%W94-@hUmQ7_&x~kZs8(T
zB5uoY{GX<S<aJF3m)PBH?bn9ta;_(SPBHvgl)7~iL5w8~{aTD6t0sSS;@7la<-*Mq
z93ghlsFiaRcU&xEl#V_}Uc1T_S4qCJNlkguZqLTHD0%xsMJ5L;<(F;5^J^gl@$3HR
zzOl?MbKJz#9m`;yW$-^28HqLMc+q`)wnf5w#~M`1v5kJmT{Y$Hfj%A^qo)?V(!Tvg
zLN1)l*cluN!d{ZH+5j^8ZF|M@LS8)n*L#y!l#e+~(Jn>m=KL=aa>--_v583V&%{~}
z$)tAD;7xraQM6M$q35d>V!#Z|>kv@%&0}*v<`PNFo=UBXD~^hEky>{3DO>`M1AYti
zh=!Ix_g;mGjruIGj4Q9n^%23vt_`Ck5^AC$UI1Jy{?aB;4<{J?xs62V3`OiYJ!u*r
zc_d?5GdPOZ=@)#U8&<*MtY3_5(!^PMW(m`4Lp^tVuA!uo^OQr5G#w|H&R~wa#7`Yj
z__|2Af)%PnJF|2SlhGLaJq6(OGLJHD1q}bdvm*3X(nuI<JQ&f0P#Kpr4&wv}zPdbN
zIo9rb1CT@dlz{Gh&pD;-vUMp-9Lor7j*xT@`Mz~yX;(+lq~g0v^4EQ8(=(Lio<717
z%TqV?tOkkbJQP8R;%>RQbmE3tw5L|O%Ld{*o*1T^U%M@m$r5m4r`7({I+tBC-NaXl
z?k3$Vzg~(ZPPeOM&wM#Tw2Q=Q8npjb_qR^rT>l1V>aHz-g0Y6uuenrOLu%F+rE<gC
znQf1;^V!MWW;d9S=iJ^Q)ff%}Xwccg)+z4PEp>1B>QUyWlJFUF|LDAlPv4cb{hC8+
zQy1OFmskdYe<gn;S*C3Tbx^-2VSu~&zyYyMky>NBG$I#eJq5Q?O38n_cOQX$!qdWL
zeW$GmJH|DI>g<PF`=NwQo-+^~#CT@&%_7C2Z*!RUNbEz(Jsuvo8M-SLM`JR9G|^is
zaCao;o75@mzE}<^*-mB^>DA`fmDcBGwy7{z2uZFpDAbU*la`)t&KeRJU$mWiLp+!s
z0rRwp%AD$L4K;y4`gXjatWMNKX^_yd*7f|rywcH#NLVD-sWA)RB~`nO=q(=DXv1=o
zws9%j*%F4-nUxYR9kb@&*bhY*DRgJFDM$gl`aL9Gg2;oNnlKUQf~oI83xRN}FK>uU
zh&Sfi5r)IM<nHNDr-%0);b-tC`j>gtQH9j${lF;;Alr`)cwFmozdE5uo4{2z2k-<v
z(T?fhvug~4xjo0=6t7?57$E=o_+zV)Tb9hyxn!_kHpMrW9KLum!4XPdcn}@HBt<x)
zadhPk&u8{%0thGb|5#4_;~@1FeSLns62ASXCBYMlq{aYJ{|!`HVPo_P($E}z1-iNJ
zZ&`<+fSl`>N?!2wKc-yP*3|NIx_60arPLTEDXX?sBAzbG&FDY$6*_4EaT_3y+g^Y8
zk7ED-*(na+XZ%;JhrCC?XQ}k{jyO5`#`-8sMTzX*YZsQSZ8P0-(=_l-{cy$b&a3dh
zhB0OT^4ws7BbF;%bPEN9_V37%q|YX~0vax3ifXku0n4fXhK>Jbn7^FHzWlQQ!R%En
zAo1MuDf@x?_G?d2<DK#=n63P92JY?>uX8*Yxli|hyq$u4mCfDwa=60i2bfyPw@^8;
zSSx7=uitAthyr3s%_{R7fPx?XAgd~ZDvUebz6V8p>)M7n((wy108HMQ*Vvl<I>utZ
z6*n_bS;JA#dAD#Y-4_kOwGFS`x!T%Am}PKJ65Q@J2Qvet+Y%1<XO5(z!pfU9-_F`J
zrBv-Cqh~!FdwijK>wk#<ZL7vG)6udA!{TJ!Vm`oAlHrOw=wegn2g6dW@8A!Sa&0X5
zSUA>oTjmF$r?jNAx@|?L*(K)2;Bp%DF<_)MQnD1M*PRK8b8EBV@HdE=S}@Wn+&OeN
zI5uF50s7><S%*7jELt|wwv2lar%ayy+t%r&@6BP4y|HlQ_LyGMbcMXUJw_|-tYegv
zW92)%BPkUzf&jhJq-$FZwwNp|^G4!+*rz6}VTVDD&W7<r=&*ZRSV<D77oNix7vT7|
z7ZpH3JM22*f^(QtR!aO29#AItzIm_6Q{oRa7Z`?B2aU4S>urz*{Fl5bl7wp=XJf7K
z1{Y>Co02J~nyRea_1ZwGPk$0G^fo2^dI<ZbjH4NrhFZ<}J%8YZlO-c&tT`MZWhn)u
zLxQi5^D)mhLV^i9*;Y0@Y6vg3bE3=q>I)1A%VPuASt@5>SaH$Y?sangFEl`>@FF4-
zm--(z;NuWnoXKz`<PXa*IBwomsW0LTw8Wr@yaP7L+_%(gNBaLs2Z#*{F;MoR#onQP
z{1zAm@xBcb+3FSR+ZGUL>gR-+!SSRWXju=?&>1A>L0KeRrV1Ng15!0w>iz4$hyp-8
zd)FG^+#7;K5e#R+o<vA;N<sz9-<yfRnr~;U9M~1d@~f_(Q~qpqG#T{{2>>&ABmdr#
z+5sb@oH=6rdzBmV?v~mn!+R58{MMy2CKc>A1@DX`+mlSi?|jI>#`#A26Gc%cvzMeL
z^U1qK9XVRR^|gxftp=gh-l?8ox6*CJB=8OAW3&33iLi0MnaHWnq<0@Iav4n?UDE?R
z_JZY0D5~e{58CTTgc*56LHHA%Q)d_@Nsg1eJ-)wm#r~Vd;0syrAr?zL^v`YH+S+ej
z!HsjE3IrZ{&6bjUPAc<-Np@?u>2+|o_<{)23j8-7XN$4d1E9NC_+_~S4m1@+f}mE?
zbF>g#b7Y>~`SD~Ygj+kfo&<f_I7H<ZRrSgaRyU6b^YVxs8)CK{d8i>${&mMP5QB&V
z_(x9ZiDCB`4?dSitp{n32<Cu-3-X9thF2$jdaxS*ArX?9Q?8ogJd0_HTWX0lJk7A!
z+`dXK$|G)2xhP1|3`iZG{uhuS1<N1lnqO+C^PP$@jD4)roh!P>z1Gbuq8x^$za4|Y
zXbu6p0fO>R7V@4{?5;i*<03vUKeU_;pur`1L<aPbq1wzlD{JcB(P7X#4rX>kD8|W~
zZ&k4kPu}6yrQvB9A(9@cNWhD2B?GHjwq&JXa9iMWorShwd5x5BUHwgSpt79Mr9}Jn
zE+bKOXjG%iu%mZeP+M}FRR=c9d4Nf)%_V?XnT%57BFd`GwCHU=qchEz-q@j7rw+GY
z$`O6*0&SiPZfehingDPKC+fIOO=48TQ1g=!3jG|o?OFVC@I+suUzSIlJN4Sd>rg)S
z?Ua*PoGt8(U*Eo?(dCSeYm)cr0N%aQ!z`W?onJA?N-UVL%dxcii0wfkfg<**d&n~5
zo9$}mMOdNTEGrH}iuM>lfqm;b^K<b6sB0!|&G;m;pWCs>#ax2a)x=c6%5y&=CFySP
z{IBva?%-rwLsVa#zt996UQ6h4=|O)o-L-+sR8ecHLlFO~gp0fD`OIW_wcO$`F=%9~
zyU|wvPF;qn1HVpNI$hYZ4UXaG3c;Z*UK3t^rUQfkGKnNwEC0)?gWyMciK$o~)$$Q?
zVe+<>9G^}(n71y`<~dQ>YW^D<jkyn9(0LX<pT*(?P>Lm+nuxGl;*U+@wG-fSwzN;h
zA_4tZX9<rjqdS75GO~!kfN2|f9({^Qz?9eL62zPmjn!jOi=p1Jlz_XAm$-oLM^EFe
zRtBcpKLjVcTLXl?mw0~bCX-!Hj#K>O3Ai~Q|8%W{Z-Wqgrz8`>B%){RB2gg6hizE=
z2un#gdqOO=S<NpJ5T7l*zHfL`c!RJik0{DraSl;ly%3IpP3>)T=R<^XPucbBHuYHY
z1%b`!clOU(9#{0KOI!q!D~LX%lYlM3ZYsAe$7we&tkKGk7~qSXHsgyp1=M^bAdI1C
zIX$7~+OV3y_uF0Id)zB-`iLW&4jc2!+&Cl-2c;a_%uvAOD7KB)1pkp6PoyPA0jn~N
zb>gvgNf$dE?x<Zi10AaN$t8DQ1~N%E+db^(+{2z^cj?sO%>lmLT&jH3Kt%kdpBoUE
z{%HVaPU`><7{IVeQKB$qeT=o^JDTU>A(@_alL&!yhj>ejsSf+j7L{|N`mx2e&91SC
z?g}v1COpNicQ_*J6R{tr`QgfM=UyFy*iT%DjaYfaFS-u#ljfV26Gl_toNL>|(eK}@
zg+}&FUWJEq*H_AiBr?M&Q=7Q5Hl5xfZ&NrM3w!22og2BJCWHR`V4=8b$IT_knLIwZ
zAE1^bQML5JWn>=JzOaZ@trhsV?CaT>6i+Gpq6PAAE`LFP!gBRa%-<39k^fr}5J}aM
zkY*Xg$vKvXBG8dJXm(VqV;$mY?x;y!)~iBpnhAu*xQ91DxXH%`!i|eEtj(Rc@FM)v
z>A#S<WP&slD86Joum0A5Xblpf%HT#7%0gfF!sgtY%8fp9P4LW5e}xTR8(x0n*(-Zh
z?m)b@I!`ng1}93T<MjD{CCN*C%g5cC-ErTsPYNf=%^vga(sTUgT!IRm(?7+8-aAds
zmwlh#au1zVXAzpHuC4u8a5mSM`78Ony^&=><JEoxZUzbv*`-JNq=!U_dI$W}gfCXH
zP!@}Cs$@3baQuF$U5)<bS~Ybph6c3iQ(woV5%H5c%g@)POhomRer`^~yg7rG$c6+J
z0oSh*d{Zr&s1Y)5Xy{RpKr=d&q!sYPvs#u~A3{eRHz*b_JgPp_g_cGmJzQbjjFDL`
zl*>u!fnVt{_uBqEH|DPeT-qw3tKzA*ApVNM)blLNx|7y|<#1OBm3*~I(4Tu~SE53+
zqL%1+ul5mY3E%90ZY_Y;$|G7WWF$+l7(H&8CG-Cel7ob?q&r4DsibP;OcINQXwz}i
zg|h0f?pja6ifHkKn4TBx{{uUCXqp(ymnir8PG_a;_!K`moi+4S8E*VbLK`#EpoPCh
z6B*RJ^Mp?Bwd21ED1p|?BU&z83zW<@g1!@Ykm2D*(j<(2yq$NQ$1h-``#a9F)YwzT
zvx(&WAf*he>)RC(nHBJ}p~im<cT!16#K>^<N}vf6>fjyF+4Yo~TC;`JO$yIPPytlX
zkhmWt^zsN!ubqbeM(u+~`&hns#<K|00O%1r{s5$ve3KPye_DoK^V<|D4zbt+i;l6W
zc(MUPx^|&iAll;bO_+*5p26Jc!y)*`FK~-og6aAVtf8W5E>Ju=QQs3;g__76DP1+$
z=L=YWKe71ZAI!Ne^+r)HMz^>hQ;o}Y3)elV>Ju}?F^Ad#U$b<^7lz)!nFwY_1CcZ8
zr6O9l+yfnw;P*1?t*PJAM`A|1s)^bxFciD7_b6vp>LJ0}9n|~y+4HCgI?uyjY?{j_
z@&=@eA1)ywnO|MM<0azx0K~Yi@5?>ph(SpPMfO3cG-=bl^d#^bBI^@eXD+sJWEl@o
zv&__XjTGT77G|BOl?3ZWCY(a!S#;UDeWpX=G9b(hF}pZa5-w2U?A6SMXvO7Ryb}NW
z^Jz16nX8xKn0CI$-2VwG`3%^=M;hyssY1tu9Y?Y-*~COPzS@M_6+AUVb1JqJRXn@f
zPHRGTdM`IFk738Tx0hDH+MDd=Kp9L5Px<6W$3kY!=48FnBk6tO-2EX@Bhb>oTD!V&
zr?b`mnY^7?f@wyybOOx8f?d9AXAMq+Ld>W|D+M!7+aPlzT;B0A-jJ4<eK`S&Nm{mg
zQm)Xe+EC%SP*}C`ZsOWCKS@K-IkhMFynu<FC>8&~stBDehu0@bZ1l@9#&~SP)}PLy
z*b>zOP%)mGJELfZapJUGDWA$Thw9Wu08J6oX(TGX9qI0~iyw8i@7iOJTgc`cm|g}}
zyYXjY$u}a)($Z%?#<zBA%upoLi#W3Dfp6y}dyN>5ewnC|Z`aZhD~oaYhrDJ-tWKDO
z2n##}JrF(hOF&U>UQw{J&=`%B+SusGRw6Z8w8A*V3|CUq!x1n95b!;B6>jbEY+Y^m
z_+f5d0{c&I>mwL2#G|Vloa2U%yJ_-^A6ayXE-TvDv+*Q0BLL3Ama98}AEU7u%Zu_a
zCcdAW*Xd&NlqR$S8%voI3JJ59A4eI3&6U&)$$ogG=y9q;z@l0(qsrDDC(qsa9oo;*
ztXwp}`Lmr7-ZLeX#Ib$0q5LE;J$7S2Az^%`-@*)hjntRSuY`!^$B!imwk<97FM4JE
zQ;(Vn=d~GwOkxq@H#l^B10lDy{;jFqUp(t$GainYm!DRFKX$tqCxQOKV+w;9i&)aV
zDmF|Lu(*^+=~zA{?n{x^_3pkI3&+jNFRQSn86n@u!s5uPUwkVR7u*?wgo4hT&@Jyf
z(l=32`^r;?jcw=VMPayZq|H5AbJ5#*qau(>*8?GN0RUK*>~wIk9mOB))zq9ESFC^6
z_N}qete@ZMat#|MABs`#6<sF#Y1w<x(vgh<xBUHJ_{H!hHaRGv*f7`NkS!xTx{8}T
zSl}P?vc}^@TMO%&SRayJ2+FXd^Tsj#9g+f5ZG><MXCq$y+jioXa$r_&-Yk_p86^p}
zJ%8b6yS{I?(r_QzBfxm)sUCJ-a?-iZZQ{o(#Z(*2`1#$Pom#eZm}Md%TJ*+7=9x=t
zseG>683=k73q6kkJVELWyN{f&{g}JuA9~g`rSE2?M+qHfp1H0DEmSf_buentO_3#^
zl8$b_qtck*c??<|qZl6~h3N0_Nzb&)+5NCsdHH|pMX%Ly26*u+we4Tq`;8)~*L&~4
zxX)Tk9h>YTb+7dwx8f=mkcj1sx^*YYXP>zz5}TElI&|dKU!F-sa~xQ)Pc>RO5?~ej
zX>Zo|wf*A0Mdo_9eVS0cvqJLV1jew=N&Q4zTQzhL#cld^L%Pwd1bLpjGI!_l!G2F~
zWRL;ScN6od<^OMnCR))0|N7TAa&P`8u4?j(mvK&rlVv!3CNqV(InTZ77jKXJ>`7sp
z5KUV{Mxkg0teo9FrcO50^`UA@F&-CJ$e0;G%b)Dz(ry0%ZlVQyt$y7JO%jy-$dm~B
z@lk?0cx>s_Zm(E83DZc;ynB+w00O+?Z6pg*mA@iH>3{Ph-NS`z{iGbdTqgSWBqHt!
z{RfaiH<}Jgo@GY*-fv#>?Zg7Tw6b=<%F+*Tg0Z0EfaMe7zasyzIN-D;CR@`LAQ2ms
zIKHIY_5&Rvg-6gLyd9(cSY1bgj+&rU>nGTzRaSw~SJbcf!Jwfe-Pt}G8;DLGr=04B
zQ({4xy@_}pY$1<oFGH;Cfql7o>XX{F^Ri%NL*kMLIf0B)nYNKV*w)YCcXvvzqw%=k
z3BJuW*n30tx96C^o6>Lzd2wstI2SoS{+j6JM{O(6aBZLgx!R!RH5tz<DZO1Hub-4&
zTylx{+s+vR<xOXL5sAGo#VLqj-c7}83I`~n!x46*Tq%c<9;rgHT4x{&b414Yo1kBd
zyfX3CJ_Vmu0`N_|pNVKxegQ(!4z+GqkW_Xf+Ah7&U<z*cH-4wX>%3NOUfK=!=e)^R
zk3XdmoOX&Bx`BB(g4qzsE-&~h@0Z~Yzpfn)D}vv|u3>Nuh>NiN%)=qv+Bu?<c^GYu
z2ctqdb^ve8pzPed)Rot@JGX)skjeJ6zXL?tWWlp_8cymODmLXnoV@&96Pc`cXI{JT
zj5XunE&-%rL+k{!iz%--34jjjmN{}<J2n|LoF-}e;EB2+LJ2j@9ijM(Yegl}RPtUV
z@__+28rzqbhN<5=502tkH)YUA;D&_MrxLUohrOfzLXz;yD<__Lr5B=cMsX}Z#4<*<
z^`Yk-`>9<-1svKvQy?!J(jfqMK{#pyH)h7Hj#l!w>oT^&KVS>9pRy#?HPGF^RRVwH
z<{bsI%R7793W{?c((twoPSXC&Dj2SH{Pq)6l$U>O|I^?J$+f&GJ6@#d#gWqs1`pqk
zUNKf#L1^dbk0zdoj#21^7sI|<IjA@<zi7J6*$THyIlz|J4}ytGv67JUO$vZ4k)R&k
z=WT-oZznbcOf7Vh0{&jEY7De5i}1*~No9cEKHoh`gJz#qB`9iSVeW-GGOTi4oRgZn
zl;N}7yu$9s)TYkf58n*>)qbE|&`F|u+n%zTt0BcWX|&RL>Dli5tq|jOQ+&Tt^{$(T
z1pHa9Jigm38nmJxd!hX|HVTzqKkEeNxs%Acuy<KL{z*)U$`}vmLP)Z<aiy9M)=}RZ
z8GM<CfBh#z2s*u^RN`j501nC9$^E+{2~57L7ZKL%q*E(V1FBWstc>3DHgX<kY8tiS
zAsSjg0Frt=8+R{X8k=zZrZ0sMY>~ptsNAq^+}1&WG3u69#J&ZE8iIfPBsE%dwv7lh
z>RP7=z;;ma@8OeaaYq!@XQ);F!F!g5L;#pjOlvNIDI<ynDd60STR95hGFQ^hObYDG
zxkd5Y92mBz0p)2-1hz5Txb+dupsJ63ppZ2vf34N)GQ$1?NrlG9ZivIU<pXxG>i8wS
zI3=<%=>(^G>Aj-oI_ZKkE)7z*+j~DAS!RcmAVyr<kmFcBB3|K^FRBnD)72vlb2n+S
z9jNKM2^E@qAhwFGZ9Me5<48{ev!FwsPQeRG<O}1HYbwjxQ*_JkKc#w>f4E@8fN%YU
z*mhmsRG$Hs{B*obpAuMEcijy;(bK{OGqjpy&Yi#XCT4RARq)<amqBnj^wMG~5_jY5
zo0~<zVB6=Fc&K9TLXZaphaB}vlfLh7`PzXAYBxa&{c!XWKLV#)eQ{sDcTS9exD*^m
zTimOR?^B>sI{k@DyKUxp8`_lc|AUs?_zwRIT55;Vy!~Z;?+cOIs9uq@!_Vv)E>j8_
z*7gs?WPz<qNO}y*lF!X`+X}K_-#NW4fRmU0t*z#BbJrs*CpnWLecu*;4i!j3_|*vr
zXVVpxW}&&FI&;#mSa9|lAx$0;COSV0T}=N^*1A>g!d||f`{vcAfjAp$sGGsa?8LQw
zN@g|^jF1;GD%|w7yf3@bwNydoWKD4g%;xvClO4+NnUD@#*v{9Khody=D3-Fno|Eh=
zPULUii2daOjoZ-Un2JY#Q(fd<@<t}{1`$&Z1ZS?}Z186WWf2rj%h5W&vOMyMJ$jDT
zHy2wR=CU1c`H^=CU`>Yfgw|*uTE&w)(Tsjk1vE}o1+3O93G&4J@s=p2GuL)f9(O-v
zj*2Auzn&Q1*aqHRnLs}Li6auO(j7V<b&9j|LiYn^Ml@hkt6s>ScJ2liBG0De;kY_k
zFQit;V=?(oswEDPeO~Moe)Bp2T0jGpB~|Q_75@1vj^pv65oO5b-W)o^9YSAUSr2S8
zaP6cZBS*7JBrbv)%fyNj7Kq?T3FmNq((Xya^pZ+&Ug%=&f{^*DMtHp&tMkms#S38j
zH5dn|5XNO=^qr<S)T6g_Q&4I@;3B0sh|JL!oApXU$er0^>Eief;8Fp{|0{QmP|?>_
z%A&?rtv9=S!%66N5+0WpZz;O(>-_qaxQIIDuvuK(+|n#3Jjh|wG2@x6owjD_qo#Fr
zDt14MKsc`|D%=zQX%WaZ%=#Cl*E*Huv?R5<!{(Z8pB9pZ3f2nE?kDue=1kq3Gv){3
zLnF<ADH<^=@uHD9Oq1kd!?kWy)YB)N|JC%x9gr&I@H*aq1F<?`X8_=lp@%>c!aoI&
zQX-KlLlQ;JTQOBpR9JC*&8wSl7{t<}w1EXU<G#{OEr5(lbI|0&8e4NkY|_grd&0S;
zo3L&N<o4uffTLN@9RW?g#w3dW)%L|5Q3|jMvb2&^{P-zikYo-1t&0hb)2z$S0C-)_
zt>3j59$(3)_FRIn`lXb3-xSCyeF|Jp!D1d|Lmy7&M}qFZ@UMXL1~fFS>_h*^kRyQA
z3<Af%%`f_Qs(ZcGY98sIg8?dMKk`)fK|~nu_f&~sKzN67nsX+!zmkBP@`&_JPbVj@
z=$6Gq35YJg7E?M^0;!+}Ij%3V8ertC|1HDNv}h(+gC*vB(LUa&Uw@bO(b+x3EDv5N
z*ynzUoy8w$N&m6Avvv}gIdK=e36U33!ykHfDya*-FTr!FrgV`y<5O2HoB#TT(sw&t
z74NZt_|<Za4j=~xfT4eSkNHN(n=Ebo-(fAxfy->Byi&=W)>QD4rYG+u_LDmz*RYtB
zP(6j1ljxA8pDZ4`DlfOEr4D&R-dF?PiW$5Z{#Wgkxdg?NB+OPuOQ;LM;=`@OJpd=u
zs#G*%YZUk~^>_U10zg)sL8dgkoYl-ZmbiNNfO<w1djdB4=82yTsI95o(pgU`f_Gqx
zx9r~xO$_z$_5i7TPivJS)CIgs)XRWMA;(37_D2UUxc?Q><y`=3l=5U~P6OR~gR?ZN
zkRDaozr<4`Cp92}z6;1=|G}jyZhM^y+~;jd1f$U#MLfV~o+<9#;*H_uZ=4?n8WrVr
zB97#r3%I-bDES`P<4)x6RaSmw<W@HL90@W@0Zd~t1s+*Tunx8>QT=C&H-VSmp})}J
zws%z2xZ{u*6D8r`XLN5f-`ex>7wY7B_7Ca=NG-PkZaR7iu#lsqiNU{O4ukWRKjzrt
zTuj7{?`m(I4<Hy3;a!kKf(p)KbePskqPu@Yi;`NBkz1r7L2m{t(A6h0=g;+j0}s^I
zMPiOO4Rw2uER+s_*>!#|FUqC2v7Hl_Ph)Zxs!5aRYmwF6{|2H;q<-d(=p=~w&39c|
ziG5Om<#L_J|6@@_`LAY0h!oS0N{eeO6>&G5qS8Y6&~-*9bYh#e&~^_<JpUSSiTZ&4
zp9VfP>i~0A`hEKG>axE10MsX(wuqdG6K=pB59`NE)nQK=Np8~|lL}m@FgJt&b}0EE
zD`p_=@PFJN`c-C)8v)O9ifaLOoZ|SHR3?T}Hs}(@hZpU1r)IPfYQACF!O9{bH)sCA
z8&lxt6jlpjPZlu<hwJmpZC-1TrFweml1#xHcB3gbw^AmL<jBAl_zcd41a1vtZQiE=
zpakZu`$Ylk0V}Fj{Ff!+nj&pLX`RBU+(O?yj&?g&*{{`AMSi>LqWs1#S|qh^NB)Pr
zQh$8>1NQPScoj4gzS&qx;t61_xRnNnxgw-@V`NG2{&_2K{j4<n8~pXRY$03^`rXkP
zL#K9ZCu8I`p*iq%PkQM*`RM_-(ofNcelu(!bK2j5kQLF)*cl1wAaU=t&sfvSwc>uq
zGe7FSU@H;-KKYUNds0_jm((5X1J`Jg-vFx2>yC>8LdOt=v<=C7_1v|3)aWk>z>?8}
zxLz}qPqo58w^KeCJXGwwV~304Di^RY+=+FxHN}cxpTXk=(jTy)K?;A$gW%gJ^7Xhy
zy~2JSjzi$t?4vi9jEqbbz2?s-AewxC9DNIXDp#Eqqf}jNaBNjmL$EZ(Sy3*em?MBG
zfLJcH&mzKSq$4zI5|~ye1=JlzvPT7>!;A7z>Cev`HjcHviP)2Lym51QXqG<L*6PIt
zbZn0g>h#4`A@?ynPiE1uSkPi){0L`!7yj0o8q3VRk<4e)lz`u^vE+g|t?tyh)OsVF
zQOFH)ESmq(m2=bcZCuAd?aYtC{Jd9(Fs_Z+)4t2!xH9#`7pj}326a6a`tiW;b?7KO
z)}G?^K9YyDbO|;5$J2L@uK!M0xum^(m&*+VC>5Xa%F@&13rj!U%tqiIl}jdjwH_Z0
zuVWLxz5Bi<8@xRXc$|N}?AfzGCfS#GQ>&Qo=V*kyEz_9k``%xS2~vA{JpXleAm!Nf
zA7QLk|5(qlICpzwmG1u(>`=QI|Gg8kjhuR}`TC<fFQbKKt?pqWom;Sz?g(F<olT<U
z>3%8MR+^oyO_8zf<K?}$?Mi_aaLAOcO-Z`x<zC^ITXY1*T_X8C`Bo+Cd}0Cf2kg+V
zFNEqJ`@GLl|2M?{ZE*@fsy;n8%`@$g8~hon*FF5b@4<p$<*;b?GHnm`0tn%$C3u7x
zpy+erB&$Gi3G(hOBAr#*hSW8xL<m*;Vjq#FuvZ>}rtnl$BeXw+l5U=&fp)nBRe1=~
z>nKicp;)OT0H9TAIN#usn;HH;zNsDrqFCLAtYwl{rXe*@cM0_kXa5SWe5Z0yzp$$x
zf@1;Gav}E?_+^F+d`wDgI;aeoe2?%!h}wl1$lZ`fQvk3Dd9hd=_oFbFa-uGyjoTgx
z3j@GmP2k3xE-Y900zj>-oRe0s)BAedjb^VO(=t#?+_(IE^abra>o9(WiAWF6yBVkZ
z3lA|(IRC;~KE$|y&1Itqp3O%ko7rPb$U*?j?5KChgs1!e3DHV}U}b|}HrI0gBD9EP
zFN*r|MzT1=V+LC!TKXQ34(CiURaD1`jT!Y&Hh&CR-jg+(wOcWe;=H>s;2!Vl$wOb&
z`>MOEDsuRa1ZKfC$)=p|0o8qX8MacIQqyXQ1u4JEY0e?JS<y(ez-x(>e7a3b=>`bp
zu+)^itESEqJOu19QvO0#N)RI}^-V#9mS~Ad=h%TMHP-ML0|YFipty$!0a7x))jy8v
zo325)F|oNx%0^~^jokGgs(o!#IE_RF2@zqff8vn(jV3X6y1C@^d4I!wnSb?(tZFTh
zkGX8xzVJ^E(07<|JSESK`l0rvrPd`&qoRQX5U1cGvYg#YJ_3PR>tc%6+T+MbOP&{S
z`Gb?N4koN8yCMc=u$uMsD1HbQ;0$d1t5bt3#C|&fPnw@6%OQ6FUj~dd^t^1K@68}H
zT`|UeWDC(+uwDgJMT5FP{muirCCywOQk9L8t<troM;|Bzs+DJv+yU~Pya1L99gmRM
z2hBEVE*9*EqJ|WuAH&QO4kT_JTs^5p+J3Zfb|f9YD7}}#IpankU>!6A^k1AS`WvA|
zgc63p4wj~VDL6mQBa;@V&@@A#Zn>w@@l9T7FX<_`rD2*`N6$<XM!#Hh=pZBnzcCbj
zOum#_DLm=o6OIHCgI<IjiJl%@TF^OxkJxPn4T&eE=@j%PMka!YK-j);9Exx(gIC)i
z{;+Z~rlRclE{rgoS5Bp{otDNs)HY8H6n%PqY)LOz2u=co7AATG>N9DUX8kJtsn>7n
zWViwAL{hV1HQ`7RWTZBeqI?TY-I)8~8j_Y8FR&Xro)Ab5#2szgLuTA#w|>F}B4P^g
zDT>iG=cVnZAlU>?6#MTjWoI*i<u@^>vf9*t@F1k`DDNR*rysYC)21&E%g;Kf0G2jW
zGAsCm6F2im@JQYnGs)tq?(}u|k1=NwV#q373chEm*dUblI^c`8%Vh00v3+;4V1HcW
zGaFsjavZ~Jz?Yo=ZreO&aH0gw%rYWt&mZqBeDlOwfHxYG<Q^BgGvJ5p8N(e{x}j~(
zgDZQBO7a(#w4%RAmm(*Tz3eze>TR!v33Cu{36kK*C=e$8)Kqe?d{u|kpKgcD^=Aqi
zASFM5WSS~8=F(Q4+^r>{Pwic$;in|$K0mHEUx<dv_CF@J8dGQoLG2=w9fEDoKBKyB
ze1R<yX+=mQ<6P{cAq(E&CIpUhk;tH|!R->?p?_Sd!TBrA@kCI&t4()OL2!bSUK9Xa
z9Ggtdpr53ACBDKB2_h%h%ZTe*YwRYNEfk7j^hat%q)Yuy80EXIaD>G5ptItD=SWtP
z-cQo-$(zcgKB15;jI>lK3Pzbhccf~fasmvhYad#xQWMqb!)*4`t$K_ZvxE+#>AFqY
zI|xt7o>)z7uVyP`$q?>Y<~RuBknVyl40OgD@#en8N#vvhE=#i!o6=S>@KPd{X`Ju$
z(Z9$C2ci2w2lMDHz=gZda8_PT44NVuEAhd0-7bxU9orw=B6=flNboxmu7jjWVo^mV
zUa6tvn{Vwo;doY0Ebh)bLcwZ>+@zr&x~*x*BK3zUZpt53n33AR&PP4OmGRlgx;S}+
zjIDTq0@bl@^jwfahxCm#!1O_H5FALb1B6~`ja|u3EWq;>uwf)AM}-sIN{bf~?-u3Y
zR{QipK}8Y{wa|b|gSCH{Vx~q|@b&?qtkB{_w4Yw|7q?O>TtNZ^E=5BIm9l->gf%G0
zdPe{j%eD7W+&tl-ww!?lH<qnk*s6+%PPXs1;@iIz)|vTV)R1<IClq8_n;qT-N?^N%
z_AZvd)>WNK*fl5UO>-=@N!CP!FU0Egp&EH@F1fFvl<=>OR?d(p2duC~r35!nl9gHV
zaffka9>!0`JH`Fd*!X(Gzy1ZFz1rSAVldZ@cT{j{nTE0U8N0+*ZBtNdJ!_b48?iGm
z!3cLPXGbz3l1Cd*qTm!D<W?Fk8QSMs+x03XTtc}BbR-=_&e_V+Tr;a`z9c92Dm$JG
zvY$UPw28q%sGC&9^2TV!5eu$~?7pkqN0x0m&zu~i^Nn1dz=Cx8)iejV2p6jx_#i1^
zpcmN~c`k$LrB3#X3I|k9Jp#3~H6SKMBL0CK#bF6RHLl>Rv-PY+SViNjO+N((URnmt
zlW{WU+>iX06iEv_-EoAI=-gcmsj?7x0UKk%p$kiP3fl+rxN!)<zU#Agace|>?5K`E
z3be1=WZ^@}xrqy<;W|Qrj!_=O{)f`e`nR(Q;q|PvG}B$<&%cH6*NWjR0Vf$5I~fDK
zxs=aQvgay0fpgDYlx|CcoD<0L=g^-z!5JLN)y5t}9;&N>-chq#X7Tz-us?y^aJr((
zXVz&bNLa#nGDc;pXt|Q$<+9?3Ymj0D6l``?BNDCfg85}+`*$2#FYwNkEF~3PDY)JB
z^?LAnH!aVv?5E_s1t|sz2>f7+Z>dfzXm85d@a|psX*4#$iDGcr<Mai++S@Z=;txOi
zew||n(SO%g)i64nHT=P5!yG=5j@qYQ!E9WLcOzZvjG0E>C&}%6ayqK7kxk6k5X)_g
zDjTdfqO#dWWFtm~jAK2lGK{*m`^54+UixYfjfX7C?7PMGeu*l~4<a-923z5g?+z4{
zA*e;xnkznaw7S{K-{X}8WGG*;!83UJLk1*Cc-=fFx~UK!q&@5}mob;SMW&sOk|!Xa
zuNTum_1t-W{qDChLo+;$$z1O`N|v6;S>q^Qwvh1|TEqbE*ga_^dp(lO7JNV>7OWN<
zW(}W3%?M@3bu>dj1=w_U3lBR!l;d4Pu7&b1Gqn+`S^c(z`w^Nb-upt}KrRFFi{H)q
zF6imUh^0`Dyn>PT@qZ(Ul&7Ll9LDM>P5qIiHy;wMOLrkoUw({hvt*{pK~`E73=+rE
zGd@N#=c)I<2+aE7<by>Iwt}0WbPMzO+X1W}h9NN}mG05fed9{Kb|(9b&f~!8AXoEF
z8>Z>wC5mr03iSmrX0xLIEI0l9+^gA$b(bk_mM}+CQ@B}9paoDtpMV#D2{UaCe(Ziq
zS=~kmlE1>N&?y`SHm%>PqNEJdKOwSb6a+w%x!Vrb1aOo7+5^@9%K`eImwz`zjsFKW
z`iBkrEc!ABh=z>gORtl7QZG_rOW-j+baj2E2xGF#D1<JaEE~Ds^c^EpE=KgPW2F8M
zQZ(N@Y1ZCsbeozd|82)5%GH5Uje%8oKttR{@UUNu!soVYE#9wNc8ANaBm2|@M}m+B
z=Bd-4x(T;jJ+%m7i#RAo)3A2PuqKL)dM!@+r(W{2iE{RX_ONY<O1$F)YkDXBy`r)q
z`fzUZb`G$7MfZSy{OA-|q@K=5gB4h%yXbfN=`ObfvnBROT*@9tHVW?CNhb_J(egO^
zs6YFUxfG1wYoe3Rlvj$*NJ|1v5;@7w--r;uw7O>cZh`GfY2Yr<is53}#Jw=fh1fga
zEjvdQR8>RNiqugVZu=EBp8yh;oj`K-$wE7r2BHm@27j%{H$Ro=>v?fJaT-|s#6Uxn
zT>=(<w8bWWAeldRfC>9ksIoLs?-CO=rc@?Windc8O`^(eL&9Q;#Sa_yZHFTuJbUQ<
zTj@jRS#fPN+kqE`q8|KFF-PGKYZo!IpjgA4Bd;ET@#?l51|Dh6CRF&Rg48j>sLpK(
z-x${lzJKW<O>})MxxW{`j&me*f_Kp~An|9bcHyN+`KaKPp34%^$CL8(C%W~s)@(*_
zjA!~lCM73@*|&)uAo{X2zS$eXvdZJrcuO4=uTUXRePKk$=&YHkZS?7t@`3pgBA3R0
z#%kH$CWkkiYFb4Se@z-EhX|Yw(3Z!%n1Lgok6wT;u`QS_sQ+1=94j?Po4Sr$-8^cZ
z^tPoumEuOe;<gtGcX(i9ukcALhvQ<Vts|w)`op~(qO>jFe8X~)3!Z7_L;6uqV_@>T
z#s!lclA1XWI{5Fwaidx@7;jqjY3_h2_Vv1hZKuy1PllYcTinOr3QSakD|`aGVHh7L
z`Alf)wm3iQCLD4n^hhgWcCy0IW?c-8ai-84Xw5e7EWLZdnGquzrKl_XfQr$sGB}9{
z%_1?V+IDbGr9{VH4m#;;j@$+fLBd!#BaJFV<V*#~nZazmNXP`P400A?74^#5(+%UU
zT7RrbyjGzuTKSCB>tLMa?xQq*DMPdRs)>1+lKG}(sri-U5LoEN^bx@i#!lugMvdKp
z(o*jxP3d1%q#kPEWK@DUIa1wM&~@P?&}r(cYe*(3XWTD`jR|V2JEOniMw+D7$>8V1
zPM{y<Ium6*5)9Bh^2DNGqa=EfF_8S3Lr-nluIDmSciH<ZEB#BNsUEY-<5wGR)Rrzk
znrC%jCYdx|%MA5T^Vyl?m%yLk>3i(7W4mtNx<QMG6gZyMzSt(wH54^L^;Zd392Jew
zddxDcFuqj{*1towa)Z|Dt=MZE5<2KLQuz%n^S7Bt#&W%-J4>l<$ml4IE#Y+n+o;$W
zN3Gs>V=)wnA60EIrdDZSamba2Mrm0Pt*l?cN9BJaAz_o7gg(r$*wWfyXc5<wI&D^!
zp*Xa~r<lT{)Yaf;RQB1GW4y#^KX%e^(P+4$k)N}ZRkrm*6_x%Pv!ku<A<~ysr((KX
z$bk*LmRO<-0->$0Z|#S&uHH2^nzx3gpx$ry0vQdq-fvf?%424W))MZcGn^4<ykQ&j
zn_OR%hymbyA`@+j(>&}^(GXK0sXxR^kTm@KFu3^(8k<zs5bEgQH@}DAxUl+WH;%?G
zdgVZTaYKy4ZrSeDAH4wPsB4_Do=@lJpS)xUhaxdHj2*^QA=rh<3DybU?lm9)LG(7W
zEUtbaVS{R>=#ejd78ukAdJudgWRX3M{!z*Hqj+fd^nda8PSKThYrA&Es@S$|+qP{R
z72B%VNyQaAskma>wryk2df&D7!q>ioeenM$Ihbv>F~@jjA0xf@d0)@95)fboW-r&_
zyZEYB{X@NK@iG#?s9fAEOJbAEP>rd!q<(b*iz#biEqk=XSfMJ2L7LX>8{Anzixw+|
zD=~A7mwPPK4Z%W9I9+&CpIZsG+m{C7Eoa+t%UjgKc_X9G{pd@QuMW~u&9O+H1`srK
zO4z20a8f8v6+#7z)=;B!g$o4Q_r~IZTH&h<;9A6B-2e_p#ha3KVrOdRzK=A){%0A<
zH4tes02t8O4=_*AJ<n}L?IBXExLacIG)<lsi<oQU;6EjM?fToS@<gIZH-{-(sV`Ke
z;YRg*9iZQj{aK23*UBPTuP>aV@>PqcjmI0bl-a`Rv2*zxi!D=Ysypy8=}|hI<6~w~
zuu`|~wy)%C6O^u_#}_EYzsU4n!|PZQS8?zTpTSUyInL%{M`M?SvS>h|Hg2v`vYZD}
z)Fv0`0y~z=zR_3y^izV!;BSV`MvijBARHN>KOeE^h(pt><EF|B?=cg0ZOm7&-&E9~
z+*EB;B+@oWZ8EJXCyewClxsZ4lSFB|s`4O-w^swMtg{M3?7Wg*WhzmQYmxODE-(Jp
z_=gsH{6h<&*es>89JHgW=4<TNNb1F2W}0PAwWaH>WKsrJUQli!p~AD?4DW1+HnjVJ
za;Qqi$0%S@64^<Sl&}^20dg4X>D4u(m@n9Z^aN!B(R~_0$9yOa!TmTKJ3~aV<;umN
z(q5I!G)yP<p9+^K5El+E3sF<aCG(?Z)k!@pCqq6MZ?$__WY;I8oI~LqwRgU{znW%r
zeoe=Zr@5Neve=$R+GD3pzW>7z(GxWPVTeGf<Tg8_ys8s2hjzI~JDBK&i^NV0HcgX(
zev3%4mQ*Z|-JMpXI7u^I)PsY;D^2AE$^M)J$;mt^>}4L8TkOc|ChvzM*3rtJj^S!Y
zZilQ~wiGdFHr@%<zrNH9lVPSR_YT%gJ=3yEAHNBv-l?uH@JO*)`Oz<Jh()3b(^wY$
z4P(34j1Ak$n?D%Ay0=#U2JCm8GgG#zPZW&sT=&Ayo7yd_dw3bblQRegrIEOOGV$i9
z<gZI5=<9A`K6k);x1=<68`Tyaa)Z(ce;o}(`OnW*Vow{9n6lPOPE7QwwaT9Br%@s6
z#DzDJdY1tL$@Rq}`FeOb_!$7Ktg+>iP_G;Fh3wJ5YdB>0w01Ji+A$Ut>bgS3+_1wp
zl8WAnN_hu1=1}m+(a-thpmZ)Mfz~)zbJ8Jdc(fi<IbeT9eV`sgpNMM9>-(SzlVxFI
z*$8%d-Fd;(`Vs-3XJg@XkE_y<we(ec-Wng7SL(yIaZ<#iRBIkO6xyp{HAP&CEZIig
zs!v2~%CV|yaW?)R0x2;qHP<2xkx!{x3U$Dp1b8~i<5L4P0sZy^5ejfCdh-Ck%@+dx
zHp?De{F6j_b?O4lxbXiW^Y}dC|5)_{OveC_(5l}DHaCJ~2KME>NQBU`XURV(9mjp)
zD_&)m003Wf#7gt}e=Q)_`nI(F`m=0*q)P!iw~y@zsx$4(u42(!ZU{tFfERVUHB+sT
zB~P7fKX%%Qmi!)m07xVNk8`d67h3+GWYRhR=d+mOgXa#v3sU_e@}*!kc^UCv8kX0f
z&-#3iKd_C?<+tnE^)I;so~!-Mf7?as0p6xRgcSVmnddAP*!+oH#$WH9Vv+!u$pj~m
z{D$TauMX&|rijZ4zF3*|AA}VCXa8Sx`rl{O{doq!&L1~FZu!w2_Buov!Q|P8{!C>1
zC{&5>J&gnb`@*RUWU{w^3bDiv`S9cY4<P?~3FrW(Eq#4#Ntpn6^B=8AGRq|ZbTUR{
zJJm7*NTMo6=k>GHLH{qy#s8sw`{T3wlk0<c|6dxC?hhq%_TTYwiTzie;D@$4ntrDI
zCY|ds{hr{vx}EP*8a}=C{h(c|&9oI^s74?)ZKFbOao9CEd2WAsM#}X}t}qW3!ojy%
zc}*yC&=gfwS2KZJwW$kuDy0VB_W8zgnMsrW|Kp2tE6AL~EJFFfjYG^x(ChUC=#<Tc
zIVGZ0Id*pb7L70-W&P#<%7OU0L&X0-Fr(Bst{}2SFJ?S*9iAWyOTuFAgtZ!6YO!@7
zMRON`-Qqu3BgYT-EfcU7x^%hTEaZC@lh5Z8Z#Zk+Z1+Xs<FpST83-(+J~9a%kV_v;
z@S)T>vdAq5YZv>d0egynmyn45?-CLM+GKmLBLNRt${OoFVsGcm<xmSyOG@w6nY<lF
zabkPG3vD9ApjCO~vfT@=Wl_>>y67A=I=Yf~2!7g-!~ugT7TiWVV$jwt-<=`9n--vl
zM#yb;CqPA+#=)@hY|6jpEIE?{7&l^A7q5PvJ<wD_rgar4{KXqr2**RYa4uoM;QKkH
z6i37^_cYs=%`P7dXg*#M-d|)+kcw;&Ddq|N2{4o(Dg(L;CY*je{3nUT#rJ!2Q-tdO
zl}3W^Sw;5$%J%@}up9;XAqGuOz!|~k7w>lo`ptUkvc(Y2==d8_k@>`0$U&%Ip-QFb
zI*sS{MSady8`oCn@G#d&Q*NyxGodTrA@4TW30vW5$t0x+?sB15?ClWq+&D<}DBF3s
zxLu@{%8aeo2UCjGV4Aif*fXYrbcP;dS3247Etn69<mVII=8*H)Ihob!eU^*_k#|Lv
ziNTw|nj_se%+jpJn!jnO%mSXyR0?=)8dumQuU3b}o@CqAX|ZJB{dbeE`(BmCc%=!o
zXiZG&mh$KEjM_AfU!m7$Bj%xtZvG1aA~#%B(@5_!dg!X@S3*_-OE=VoL9ew8i`EQE
zG#U?gEEIE;uPJj|9;+|2wyB*9K>2U-CpTObRX#=QH8lE!<-I4O9d!m3@IF5p$nXAC
zghZPTSxDB_P4QV4U=7qIWEbSD^O)}OY&(fk6KK-wgR(u8kS#R2bw)H`kxUPPOuTR;
zqW~>QGGWei7eGt0LJT;R_t!sK60DjFE@@1$Dy{}_jHh(fjZ}GBz_k;=6EqZR+s-W@
z<q;4oa1-;PQa|wM3~?-%P1N-(9ZttJTrpv4N=M!BIR(v9dr%2o9Fc`urn{!lro4Rj
z+pP|U6bjd?=qSeg?oxdoJCABVq{3LCX_m64*`#s8{qKAa357_R#<#OO5(ZV%sG<ju
z(uYG|8(Ksbw;80g#OTj(sr*Q1Z{@{H8bGbd&E>dMT@$d7NJUDfsdqoFomzNOU$2`O
zlLb&^%rE-IwoGfg(4;FPxW6P|NLH1+x74S=Z~VgGWj|3UB17jOvoCRCQ<YyfDt)#%
zk5F&PcsRt$P1)YACkts<4sKh%I=68iLX)<Y#2WQ0QN*u)=Ok{oXY~B;tb$|`1FH*<
zWaimiQx7Ozl1rSaW;9AZlqcqFAeWhPD-aSZID2eCl3b(dFq$;4Bt&K}flm?=QMAG$
zMz$gaviy{aQsSK;54i#upt>ZnRBeJ**7td$Vk0>iyqw5|ZoA|;$R*Bz;z+cgOkzwm
z1aL20Jh1>lQ`Qex{D|4k3=RZTHeSbUvD=93U?>>@3V5MTj5C|9Rhr0^#58bDP;OYf
z@I8w*B@m}r)VGW54?=_e^?x8VOvMRn2y%Qx=YZ4LcVEx%YS0M5;f&JSK5o@{b<Vbc
zR5^nclb`dZGM1?#)IpTp76zQsS6ALzHk=5BqW`jwFaqTfX1R#0WCOmq6a{vz21@n&
z1&ja5yd)EZJXjg*ug-_krC2!{oY+u6XdcCr4v_>0#1;(VR$rpNnjYj$KAS=rH+v~U
zZfbE9Mit$_m1haWt}XFEbD_5+4pDcP^B?<cG@tX&e9LtXYCrUcA6(=J%I0d)uu}Zv
zBN^0lKhJ8r@>Bl#jFa3TOlv_SmtGDt)H*-)WX0YstrneK!MLk4*$OyUwLXK}yEW@R
z9Fn^7cJh7U&1x)8tNH+C4XYCH3qtAoFRKU_+umG@OGc%rwE&`JsE9H-g@#n5d801W
z6>Tn^_5d0Z8;E%%SP%{uHa65hxVa7lP$tpPm_8pJ#_l)K|JINIA1IN@{Lzr?7y?E|
zhs6KJumGF=LN2Cpb#MxR(x$m5Vm&B~k6wEJwY+B-s_>2HZC+i^hr5=^d7^y*b+WHy
zR0-D|V&)rQI7TfIZXq5%`}neD;@T<VsYngqznJJeWhcjXTnmhUn-|?jx_qK4j8=mv
zg;1tpCHa4`j~M>3k3<zU5&vOPV&X(^;&Ohi!Znk?3*r`A1oKo!pTzLrU4hdx?mpID
zEn)%qlb){*iIeQOP(!tz8(ahk(~yL9smoZ@W*I&-Z;#|=+KWYok>>*(cp(FrTLzdX
z()ylGvR}n_%Ctu8_1$;h@u!Jj%w-O3->{U;Rq)U~%lYj-som^}pw?8rawOjuhZ@!T
zAwv?r-xWR9wA&FU;B2=}NzWML)cag0*@bgYUWPsCDtwRoCrpz6M~pE8^GjWS!tsR;
z3wsdok1hGsDQ0cYt}mcdF#sD>9aLEVcxsPINN+Y~gVhOwg~e-$B;{`|h$zLE3cpFC
z?9#VI$V)FfAYbav0ocf1h*X#b-n`M23OynihgaNpuY;Q)B_vscI=R?XNWsRm7w`}{
z?#vb+y8jtl#I#^B_nVa0Fq->yMFN8wM#b$^fJRqB!jl9OSmVTc$fPi`trE3FBDme8
zvS9{FRtp_m!^-TxH6w2)QPC28s)_mzFIxF2Ek+vULO{~Autm|xqS@nNz$Zd<njWm@
zye<Mx;Eooo+x|rx11q?aTM?N{vV)eiJ8w+nNCBwzRW!9JB5GAo5H$D94NO!-e|#;Z
zwZ-X7gecqu)6M~wsDuGUQc6GkOU+bosd(~0?9;k0`f0N(-dQz?j_VqkMx|je3??V&
ztVIEL2UioWvJ-=NfqurkaskiuP_CF{xHl4|0wQytUkedQjf!x_LUpE-;*gvMX5Bt6
z`(HeUoi=q7ky+<kDlV})B9cZKL4QaQC`{Qu@r!2Yv86%FVT3Lv#OK?;P>~i%Rs!v_
z>l|7k2BFvs4eH95NdZzDCPzqo)?kDbDY13W8%*lq2sJS>ybZKtZ(?3+eIY<N)|K#R
z+QW;i&{hzBrUlccRt2>!ImgOPD@k`Xz+?BPH&wc?!;gmr%pq&)_#x^a!D+VVkXEPp
zOPE$`tbm6tm6^+@zC(WEwc?}X?+W$~R5YU6zp)mX@DWHU4J!0MKnRBEd5q-l6u;QJ
zEiUVe*WkiPg)fSsG`Kd=8eL3oaFJE*-Caz`nh42mrTCrxV)-OHv}Q?v3ziCc)3-v4
zwowU@9R$zN%@D+tvVPELZJBcM<@M|qxiGJjGLi73hZ2~2xN2HsvfQy+CFTlt5lHF%
zogP8(%)5W+LSU94amVgX*c1cSlxQ`ZWs3-sd%260+^*zs<$o8kj9_z)co>AgSbB^?
zA9nJsr)*SOsgmKoquy9oaB!}t2w!CEH)64Zxy?u%tn7SS;2%$!sS3f^m#Pzi7$8EV
zqur_tM)$&@TlYBui~~sNqI>{m(N|IrY%3LA@&Rwm2mJGQa;{9c7v(ge_cCiBUCIgB
zW?#uaF@?2!%2_NyC}~zxlmenF*7tV0wHc&h%9z}!qMitURobT=IZs%qYyiXb&C86T
zM@bdasjk$5gh))IjLP*YAEVV`uJljtpBpw)?dMI*%W_#wmxm5Nsvx@bd|Y=8U7MXK
zjhdlR91Q-wi=mO_Vg?3aiG_h2rJ9Ce(t|@Q!A#0Mb6mz0gqR|yzO;sVI0E76$?NDR
z;A(_GYjDe}E^ixM<KnqO?*a&w01)NWW9(1|-r49jv8n!<V_^&X8!jdD-WG6Y;UsYU
zismDQo|$84>w<${`;X+r>^`z7XD!RS`G8yfCz6-$$WccMIjuC&PE^rsdRrTY6NMd3
z6Rf_v4c2WEUzwscJAR1R{jS{|3J2F3*LljJ$BOTFt2yaMGky>Zl#==H*uE|!a4tqo
zJ8?Ir=wK8crS-sD^1tV~S<PO*iL4~I_<sn8(5J{z+I1GTbTs*i4@>^1AVg$gG53nN
zhz4Mvfi$JbE<0<#bqh!O_b7bg;%%`A$IR=i8N<MgWq(1diT30KA)6w~2nK`z_Y~sZ
zZ81w?w`tfuR0ds&9JA1-?(c@RL7Vn*7ptUzRs^+%KElB@(Q6s6@hpT&#OPX=jBEdY
zr1ZhxteXK#j$O?zBUCDg!t8wqK{E)hgcFiQ8NnGqEyb7qg!4D!exD1@EgOTIuVX5U
z2CzQ{JuaqSDpjXu?q=kImy+jRG2;TxpY@H-rq(58`_VJs3Xqt`seBeoBRCT{99vCq
z$SU<{(%>4s^5RuwrC8ORh=_d&9Zrrhp(sC!=Fm$;QD(LqeSIHi1PDqP1#DNvKU;17
z1nLcF86KJADLjfR;<{#*8UKfLL><qO`$sFeS228i*9<1h+&Rrp5Y>jDIo(172(Fp3
zal4c#95X6(D4J|R5NmVJW+Uszf5hqqOEnzBDX&s`2?I-4@Xa8+m4iW3COi%0MB3mw
z%Zc_ja>met8!?|t%5aaSkPDP9?GuD38YQ$thfoZQIh+8WMlS=77dUblqp+kYC-Pn8
zhqfC|yETo6i{gre9E(;G_pEG`cN6HJ2YS7(i;>5SFhahKIj31!&{E!+fcPpRvm`!C
z$k(3gWspo{&r)bGn(X5qlC(bYLA$)KIx!)Sx)vY2{eSC3;sLzDLN?vk8kb_2+1_`J
z&nB6n+MZVM|2Byv08ApLrzFB(q|MtTYWNrZXb^>zGQllM_z`&ewzoZ}979B$s_vuK
zs78Pfw?wC(5j@`<q&B(8vEOL3&+~h*9j3LrN25iiV_@ojf7)W3a!(O@<NHlb;uP-7
zp$cvSE?NhQVZ02QCgR~c;$JoqMhAdRgk8_V0Uvg9w76Z>{T6MIc`s|srG>=)G!0J=
zU67SJygib&W!_-RO0eyseY4|tq=gyu`8j=xUA`+^{b9cy&DDkS0v&$Wsn+`hpDN#E
z3z>G6fXhE~@(&2VA#Ph+e!uSsBh3XidRN3JUB7BPnS~-cCPIg4tCt_>(?htoL?v-#
zzU<Cv5f%WZGftuL7#dgsC%Vv7KCTTdzkbeR1~#lw{sN58CP+rGAenO$psrmWsot#B
zWmG0<*DEmiVht|m;9fE`P+MUl@R~Ap93;tt+~i2WqO5$90eZy}XvyeUW<~~$jvmi&
zVJ|SnPBEGZ+ZD<<|15^XAgZWd)cx-OdK$#Hc}T6eM+Th4Ixt~S6@e;@jEN`fEm%Kn
z4%auoy8fAEB4|fU(IJ`eM#wdx^LSJSv}3kjus!mF$q7sWp~b3KQWvEy(iwrDfHm0!
z+B70-{&~ScKREP;cd{X@G^ybLQ0Y`7s|pl9lrM+RQ?KBPrOA=eu?-@bSQdg9T=uq}
zf~3s2#a%Y*wAj|{{0~xHnry}sbwjZ1^Iw)Ws@SCWjn)LqyJvy!d_>@Vk!e)U>L^9v
zR-3VJfa<t~SqP<hD@w>K4da7;*Wo@m9#YvWJRZSVr7Q=Ntl?U@>YvdpIM-?|_RiVx
z=sGd2i+>a@+XWFUv*kpti`q+|Pnp26O+9tp$9MRbC8QK!2@!r$>_(S1|NfvYArgmZ
zO-FF2#2>qqB=Loft+$d0tA{+e)&<=1w{#2xW%$2R=~>wybZ6;7NhGe`F@u<fG})pn
z)z-$x18daaiu!GI%$2D$9Yy@rmyXd5Ff;i1Dlf6z)b?kwfahSpVAC%OoBvH1lCSbd
z7^28Q^#rI~&*gm|wI7}vFJs-Qoq6we&Cq~YUS#Swo8@^?p@|+A?fH>D2JLeDGBmc`
zv5P={6#@RtKUL)e><Tl|X)ML0q;+C^)1?X`=L4Jz@E~~AYN^3e{LP=`m9hk2lR1<P
zf@bnCT@4<MaF^)Q^SQZJ4Kn7E?BF9;z0>fA<G@Vm!(~U-gbQ1e^-bNThOk!usB%vQ
zQ%35I3&1Y2*BhEu>k@kSctIeu<&XTG<9(-2Bp%m9R&^q@46vwmL4!mo%7WoE*KDq{
zumRbeU@PwuNv2DgctfzyjXSvDhe)`b6C+AHR_Zi&k8?1{mjZkbt`;U=_VaLC;zU?}
zl!L{mi-(lqr<DMn`I>kHC-0$FSwAQUY>{$FZd(YttACAG(l96%0Y*7u&Cw!H&CS$O
zm4^lDj_YHVnQ`sNF0a;5$<=19ORdWQL{{h`hX;w%6(IYMpi*fU14hLj5n4&L-oHQf
z=jc!xchv0e9u~Pl2uNRxr1I+?r@oj}|1KVP&4b>Ddp0^A1GPFs4-=b_keZ?(B+7^9
zW3=w-u)hZ6?bS{IdHYPcaKM#4DIg3*0RPJ~l9a`__ygEmd9!A&kL7eU6Nwy5pC<dh
z8_5iAXnscG$t@zPUDDs`)#|+@$c<3-Pw;*#s)!j$=fEp<*SCgXS1z*5(Ko^IaN+s(
zS5890pc1JF7viL9gJCydmT<Ya{*Zla!?1Y3{-9MAdB!3pFNzJ_q7PVkpqT)Y>(_ut
zzF8TdJj&CErS-o9FgR-gVd|Ggfi)f+y7wLD{Xf}#Li?C~>iXO1$zLFhLGzrCMhs2S
zwJt9cep`T6SG{(QMu=sdja`dFykU$Y(ErT2Uq2l>851A26O~v(*zUdsGv^_E0v!Pk
z7iUYh_1a?L39VWFOX7QcF2mjzZ$RMQK9Y-0VW=x^i7I-4_ITA*Q(Lg&gn13;&xVHn
zC-$3f6&=4*i5-gcEdBET8h1Z_cl!6Zdx7u&7Iz;i{Qn^Cj$84X5S~vqa+PVf#XkQZ
zd3P{c*`9OMdWL@m-u-8JUzpi~c!vaz<d-O0e)|@ZsbRu(YktQY>@$FoF(N@XlF#g@
zQq>fhEglYjNZ|dqh`V=N$>D{s*S=MWtsCfjgOI!dM$M~Lp<rb*Yv{HMh+oNey!q&2
zBM;_0Vkuu|RC<k{+l=Y?n(oY?=UxBv7uRAn*@0;?IuoJSv%(1~WqmcVA{brS(wW_t
zXE9b($jI40E)mpl9kFn68yN0bnk^<csIEl?6P$hnYw;f6`)cxmILx5c*KKvA4(^S$
zwKFF!bai-$FYlGc0&<TeAxuI`q??+`qU66XedA%h67Y-b@+&IWO-PUG@I$ASC2oCl
zpX#kut}AfS7=!n)s>2MUB~fp<%F_uM)`^OpabE@~-p*udN;u%7<BB!2Fo{Lj;V>z9
zv3f$Y^swj0{8Jvm6S7j(VvpC-0}eKWu<>SXjTeM|@q|@K9Ls3QmvT-r@vA=`AThoD
zm9z))(2}pC==xRBj`-4BAw|C2hLTispXEKRb*YkPRIs}g7bk>dg&)peniKHVN3Gvf
z0fgMd#|%bqn>8~ckK#GERV6Zwue>Ozp&}ih+EeS=r0;7yLy$SiYQo9*qYRBenb*R^
zJ*f!>ohgbINJrM~!jJ$uYYqBuc0o!IQ6&hfLf)wFTFBc!kSI+CXNtOln^U(AlUU~H
zr9x9&1rtu180{vl<5McF+zjMT9(U5^0r=UAZXyww-u>wGmG@@NP7s6XJ!I~;7vjKn
z48BwXEoi!;><66q_>;sqY&8(nkwGKXzU%nZ>FHRR(f!2sgE~bq9ciT|tOzVf$vqRh
z{Fm_<fx?C#lmgoNA=V@tl!@u$;C!{bH!Yy7{niU%;h~|f+zIij%!aHE5qoR|gjkS9
z!8gP?)W4HSm%O3+F$w|6J1wO;vA*fV9SwGvF)TwT1D=u>8K4zkJt^RA%t$z!Xvmak
zbsgAA()QW)o?1%VpAz15sK;hQFMyzhmB}TsqUmL-ZCi9wB>ABV=C=zP3?-n&Y`I1%
zV`)x8?S4yT%VV3Qa0|&5n}VZebKDNG@O(r|zXBXE`uUkCPm;n`L!&(V7|w^_lMPOE
zRNggB4Lv+EbnOZuG07odLUKAz_L=OO=?OnUvR&<v#1~t?P<)m&t<7Nuxn8zi1rerR
zfeYaFamdbmg6vphwE=EXn2Qh%u+E{#+I*8WhI@^K5s6m^-uxovhC=gY4|?*-v2+yb
ziQlJ~()^?=QPEaeW<BuIl%Y9t?Fh=|C2{YGJVty~uQVybHgA?%))``70yXPMl*dhN
zSujiD9odA0>y>66x#YsfVv|^y8AL1P?$={qeh=tP0~eBy0fq0+WnmPbB^Njg;9=0F
zzZ?~Qjm`X~HW44sOk<JfDF!8~|A4*Zvl63gU97)01V~dA!vPpYuxM%NUJB2d8Ir)M
zB$)wmx153NbQ&1X&_}H)?k|$ZJ&F)kqP5=7h;U@o#5YaYl;3lSY2r(=@cOO9DvGo)
zLo!om>la*IO4+|d^_vY*T(f2a%rRC@9sF%$8lBboui^OS)klS7ECU^WJhq(i-toc3
z5=_1d$j2=33r^H2F(kN+zT`>)nPBKlcu)$=g~|bIV2B`bC*MUh6H^}BJ%x5UNFe&C
z3FJb^Y2TR_(%4zNI`Oz3#d9*pa~V~FC*M&D*BuHcz@2@(!eII&5mkY{4SY@Gu4Tk_
zyUL85o$A;TV8G~95dZQDoq$rK+R2urkNA+p9bg3aXdFnGYy~GWWM)Sq^(qm5Rio@v
zT9g4o1lY3IMaqGy1Fy_*>{0<wDC7!lzy0--dZPLI18pDa$RlVf`Eg1(tyR<|7g};a
zJiib5SqRNhgdsl-NYhx(i1Bfk&1|(B`I@JzTS1ds?7l!oERJ@+-lJSry7l3W4<3U)
zG!lmjPs_}w#}0?C)M=S5AD%GH<Sifz-360DUrqu9E#6RJr7CV0f#O-4s62nvszs$<
z#jR`wi8g)52={ztABY~=xIR?dF_p;b(i~Gmx8tT~ryL<Q`ez;5gVTz)Mx<s~9KXu?
zqhcvyr)tGF1!hJ7^4gq|bQDW7nvCuR)Yu=2U~h({p}X#`b$bNVM3@xb)fB-|=j&Gc
zDapXAEMqwaf2v|ED!QHY4h%xhT}H|-EwL5#C@=0p5)XS$s?u7&qf1Xy44A6!K1z*S
z$4b;Lf}#!egF7Z#{4`{D`zdbiN^_yb7q=`RSv#$V=xk`+Q=VXLsXhOJeJlxC4MITW
zW+UtDjD_ob%fupuk*f2%2A}Qnee&K0M{?-N#9Mr>J%yhZ-+PM`SB0YVP_xwG2v{dZ
zp~GiDO!3|@pXfEEHr}{#@1%`hg`2-?@0tb1ZRV=^jF_>-L~60qfvUq=_j}`XO}$*k
z5A6;f%lxnBX`XPz@ptBykS{dVjlB;uSxP}h!gtFG;EBhKJtyaN16t<JJSxdDL^c%j
z2{+XFMrjtez1L`5hB5d|t^y~c#R44Gq@-0O?;bex5<k%CuAZ4tKu&?&HQTlYz!J96
zYK)qiXF&*Eg^!~xTFfm`FNv*3_{6OmncKEBIZf;`9Y+U8G$f_Vn_;EsfaFV1o1o!6
zrooCc@%SQ-81dqg`Ae}#*f+dZBCAW^B3`n%M?@1Xhb@Xzlt-af^jkw;c;`jwHZ}-9
zX{huKb&*oXNeK+W3u31a`pFPsWxoD;bcH6#p{Bg2r0^%-Rl`o}p5$Z?Q5vE&Ldr9?
z9;?@?qtj5sH+Syi8W0LvvDdDWSBXx26c|Z*Gc{(jY~{?Cl&wxjB_jEihAdR!)XR6B
z86nOm65kDb`1yGRGRTF1ZG>p~jnJ)kDmsGp@;>XEF;aKVZOt0(PtwD{(s{j`z^GP^
zg#uz0LzUC8-t8v2hGuf2R$ZH)KnSkjFvI1i_;}Oa&F^=SnjSN;w%!v5Veef{1BjFx
zh!b*SZjC9$`@b^j!AL4p&Qn1399_N?a7CmDwBeAcpCy{KJ)e9D0e2{GwfrKHy)C4K
zaVb&ktipsv&~!#-dpLX$>ntJ>TXB1r<%mv{dBacC3(+SX)m|`b9%nV|rPMKw-j-nV
z_)FM5%EW}WSarRG1l)FPZ(4?nsvM}h>gd|S8Cde5nnUpihIp@Xjqg~AO5zqT@R0N=
zrFa-yf{JwKjYKB?)m1mbhdR8;I|Ki_vU1tycQrt7m+SBYD<Uf+;U#jS^z-&{%v1F?
zo0!lP^m`PLQruHZcPZz7C2G$+YexDQgaJlfB1G$9HP+e|<BnZVHqlVium0Emcu{GT
z^KO3Sun#Kc!Z7jIVmi>4><LD+^?{xvnM2U|q?jL1Pmrxbqirr#hq}^$mAlNPQ8c$z
zDqO~X_6|`D?Wr||*j{DX9KvCP&Xg8Wed8LjipyT|MKeBX4Kr$~d%^r@B+8EN<B+5a
zPQBa3*}ieCJ6AZ8P5oxDR@-+iIa^>H^^p<NuXRQh5o*W-%T}&q?-+@Pi+T0gG8EJx
zc2x7v-28i<*Tf$q0XMiG5B8s6kDK9mDi*R~<&>}Ney_j$m_M!z&Y$joFwCDdmg_%%
z{thhC=aOMXPD`adZPpKZ`n;IB(m#IrSgE7DyW)l@S@w_D)0*%0oZ0&3dyb$Q`7S&|
zX1i#UlJ20~?8g4_`1!W&SGo}HQ<A~+A^j~m{PSJk^KGYncz4<lqib#PzJvbua`UAX
zyX*)kcFDqCN{dp>vaq?bCQL(EmS*vb4Wzt!|A-AWK7^pY=Me$Lpa{%k^b*Q1B{yG`
zrHUpWFlxS%VC+lG8sYt#FwIbNsZ<Oj$yU5PQgB^T>d1Ic`hH&I<uGO`9k!8a`=Akx
z=6VZZv7?-juPjjscC3L~h$RUr2-ujz{MMhPP;e>?AqVTskN6CF<>!z9?^)AiPd}87
zPR0ucYj)VZ%-bd!Mz!j<U@Z}g9|1hmdOFWbB+&Yr(j}rIw`aY+xi9Lv11^v87-~(e
zDSzm^Nr5ves`JoP=JoS}6+8E2+Gz>MS95}etP@Ymk<1IbwpQ!PN^jGO`5Ff(4U(RS
z7K-9FY6DJ&Mp#d`_g`W{M^!psR)4HzhwoLJblElQ*3treYDQl;iuuLdsB#-bcN{iZ
z#tjStE+7D05qz%?z^1lxk2{gnIv&+t>7SwTd%dECcX9Fv!JY&8QekbOGt7(Xp+RIY
zZw6j_mS-rO4Bz)4e2St}cW3Q!)d_BlL5W<(hFF^J8w^#O`Nk%8I9SnzUUEu_Bz*R4
zM?rxQSshaVU1~ApJzR~Du$Ca_wuh(|C3$$F)lRgJy<`zKN$0{G=Ycfti5S!`)>>xf
ziT+(wuc?s|;s=tBQ2gN|3`=gw-9{#8$KE*R&CnJQf&?Y~Qy~J~><-bxxx0ZLb23>Q
zLvV<D7{!H2=Y3Fr2_Z$?)q26<l^{*(HPR_);7YVIW=SRiYIyA%P3WAMR59fSj!Ei;
zBcIWeC|&|?yS)P9*x=|H_iV;o!Ng3Z6Xn&SXBwYJ;JhO2%^?UmYW_uct=|g<fy>>z
zlgUP39C!KHSu_R19SPz2fIenf6ZJ_rx~)(0ulxr#V4uRV&R<4oz!3ofPaN(<!Q`P|
z;S>!^bl*tKIjYYYAHU>D2j(1(Tp=ReE9)KA3Z0nP2;*Jl06!FmoNJ>8gMa4@HtyRU
zo7B7V1qB3LJbayIxF&$CSBCv_$#o}eN@cLL(06F;W~Q)_W=B19qHYafGp0I+vm1w?
z7m-?Xv(q@YJ!^rm7#9l|#uO{v`68O~PG*bT{ke<*N4piE-4__m_SSRwS;#SyVG#DM
zKN9;;5Ut7(YYj+}&)oC4Noe~i4T7(G1DSj0ffkY#&+F<H<35mYcgM0*dc)^7Yw0g0
z@cCw?7ZXoUAx_*GqRJ{wyIbx1A&7@IR~L;i-Wt?PPYI=-4&znelCT__)AabeOI&4n
zaf~6>K*6I2P9(7Yal`L~>$FEX(E&SrA5}3?E@n|v+)(J09hN1X_*>~D40{|t9*gbl
zBwlj&OzK+k#Mb;BHTW_1z5Q)usU#Owc61i4?bi;$rZyf8a9%!9@|#-d02t3K>K`n3
z8;)2*4A_*@Jx}QpEs35~lnP8MM1@NNC(M@dkdpEvTzk;L)5Scq4~UqTOS}ez2>=+;
zt1dW`N75lfeUFGE66h+-2sjeb&_>j1KYY<Jq(<D?`$iziaBgOlBoC72uATEKlK0rI
z;*?u1<@6YzbP{r(gLzmCD)G=nh6$aj=H=*32nuC{YYY|IP@gO$AY!aWs$xG6I;dei
z=BjJKp?Ly+C&~6QMHe4aac*|Pr={YVq&+}+jBYl_`S)Joa)J`@%YrK`OM;;T9&>=&
zog&momB5q{7&(b3<rLpp>8ax&)6TrYPMJ@`cUycI;TdEvHz>U4#}viR<bhKZ8_P7r
zCWiW9n5Nsdba^%ZY|)qS!hQ*8E*VvLF!uedLMa{^AX&Iykg#p*C5Atk?P0x#6tV_q
zy7IvG<@FIfD>)b`yVQWkm3NSyF)V&_iY#~se&1J%N*rJ_{xoh&{UU;~)Q-;xTSDpm
zgV{nm%KhwlDBBBhtF2e|@rCpzId&=3_nJ8_7IEJ+2le+%^fB=vH%lU<>s9==njyO}
zy#&@!mgUr95R$^TZlN!yO(UtO7nj}y>W#2!IpHkg*3;d2-V6@?!Hf{O$H;bOVLfm8
zP{;%v2Ez1RJW-^*=q`PGkpvG!=w5L*)ZLs8vvRj-Z_(T46zfww%DK@XRK&^TBM>y$
z=oOeTRdCiJIjluL_r98?RQglK<7fD1DYE=+!XxhpNjyZX&d{OG0?Z{6ZjDtybth~w
zBW{fFo8N%evS@*<+1_!$HU{)i#q!gsq2&;~s*506;{6U6lsPpZ$QVe7KBoPOYRR2M
z@9TJ!w{?s(A$f_!*q$2J_Y;XoVsBP0+;M5jL3YF#Yf~B4Bo{ItmO1C0{KzkU(HI^<
z5J_Nl+A;dyhz;+B4|40wZ&}Z1AxuOSlQ<tSv=iXvyD?C^N1%#DSB?j4Kzm1u#fVDw
zJ*gnHqo(22=~G*7kji~R(x()=+qHerL=wx`kQGmwF^IT$u<f~j2h|i9$53%?PFNTb
zA!8We%adYA-ii!AgO}kj`A*83z0n6iHxCBY6q<$^@`Xq^OyQESf{rS?XeCwx8d?GH
zK;VZUUN~34Qt7i)ez@jgc-0b2neQ65;?^Z@vCrO)Od3Wncm7*2Nvr`ZG~#3&s4#dh
z?@mY)SJmQ3Z5LOxzicQsUAqTe=xJSiRU$cw+yDsQmu^JEoH*8Eqi6-DrtugqkOJHX
z=lD8tjHh`LC@D!y3x3Y18%?Jk5Ig7`e3!1bARGsx#nORx$`rIpDSAj)@Xa50B7xzY
z(61a!;{_+34i#@^AEF526as=bdPrYeR9kMCs+bbCjWuJnljVwoe)6P}6W#Q_=<^;s
zkZxpc+d5}4$An_)A`iic?ThsWkX!M>&X}#MExAZU8Mrgv9*W#(VNAmA;qP^q^s0N4
z-(?|%mH@eZ?X43=(E293;#d~8i34?B?&9x^Xpx2>4TKX)^E5or29MVQPlPpE9||X5
zSV`wYiV7{A;2t)LdGKbIkW@1LiZGDsLF7q@o!j(Ss#3AdoApH!EY3fC=m*v{r$cFO
zG3ssZEa9P?#?6Tb;S{2mmsVQ<Jn?b5-0jm{GFMJN0T%&AUH76o$)l>kQL0oVk7mJ^
z7va>LAtAGsWEPE5L=SQ&A#f=(M~PkB+%w_dGQkK0mzX}H7Aj(=Rz8%tZ#`cF6X$H$
z;IVK?Ec=pzm8a130O(p4NVDKZsH5waX8c#}kgEWc8P)BBZkj7upq~+~=}?s}JMLf8
zaym6VDGDd1j_*Z?{{~!(jK%9xJ(0j59_m2NocDpM&<m&(k+^*NEcM!a5z=Y*0)~M1
z^jn4a6n>W2l2<$RaznSkwSR!ANtE22XBM?F0=gYtr-nx7p6cKT+Mf7GPASF&)%#Q9
zLJ-zw2}C9bdum1fG$Ps3%ge=(oa|HTo4*I*pLXzOp%CcbP82CkTn_FjXdvspQG0py
zG?H_-u7I<Vt!rFJ1?3%f)91=>z!IlimeJ@zL1aTC+EhFXZY+MlgyfRw2&?z+ANwVm
zUm^^A>%HFo(+Xh{u|ICiH*vWd^2({Q5os%%WnPc3AZ$e69YYR+wweGhMml5_Iwl{k
z<s@5@iV*&?kh(iHjPjr2!?2V{5)*#Ir6lKrdK~D18Ijm}f?H($U!lOnKS4AT^+5@+
zDFPG1-+}o-31_-#2lhSK+gXjgJeAPy+>wM!(J#rTh2dI>{0Jf0e@GgRj|@Lco5=tA
z%7i;1Q6ORxQ-Vdl?BoV7#PJWHcQ@E`1=Kw+&*q4;YOwLaH)5|pVc}g7t@w(0`t74a
zaX&OGjS-hd>#1)fGv6z-+}jP_s|#zBffUFlO>RN{dmu<76NN2UA<tQGu><LL;WaED
zuaCsR>CY}-QtTs|A1GKPPHs4!Ton@1m19(Ip+2N=aUhRgu@~ELe^B5Bw_fo)Q+(*y
z9KD3QhA2h692nhT75BKu(OwqR3aLnJDa3e|58+$$<m`jGl4FHJR6qOT1`w=3&VewV
zEk1E7*gC#A0&3fp)IhY4X^yZ+iDaPu`GoWx6lnMzzL;5+g@eUYb)GlgLd$JM=Xf;7
z{!MiFMtXL<(tSb%iT!P++UXXMY3XjU1(>*iQUP5&t!2D-mwpJuep%_f)2qZ^(xBxa
zadfFwHCfrg{mn9FOdXZ#M0ZqNJfq(&3fRYkLY?stY9mZRm~xO!RqjL~ngRuimA<rS
z4c9B`1ILYJq8<AksvtER2Fo{B8@0S?$<%+nrcvaIlCCEqMaAV=dH}#fy(ti)OHGAy
z3Bw79rB?#H-d30&I<x~}6ku3vdGmueHSy1sKH;k`A8sp<XMJDYxrZTUBY?_aC!dhQ
z-zOFz^Me2$7k-&!l=wJ#E}PMT<e&O>?kDO{`E4z=FTLF(BvD`LeK?mPWBo(FM}LTd
z#Nmw;h3grBDMJf<b3Q$OXH><jNUY#JEjc)Du4U9{mpjfShQ_=C67z>a7@?R6vh~SJ
z0cSwu0(fR1_wa*g!09)+v;0o%Xcp>As%5FrbJ<x3A9KZ(SwQc(tp=d+HducFM1O2`
zuZ-&&_YC$)5o`<~7ndFkdOzJsZiN&Q*--t4%pm+B;pXo9?x&L+A{3$YAOyn@BLg{u
zET#FfoC)kaZj$3#oLJElCFoy+#5k|F48Jg}<tT<XSums%q^ow|#m3pAs|Ia|R57>j
z8$r34TemIcsLxQME_8?K8xP}*VX**Um-ZJ+9CQ$U4v3ya-i34+b)HuZ4!^#P56RqD
zX9om2ZC}#QC}=D$g>jVaISB!KQWQ2&X9YW`Od!qRRM(=uP6O8U1=kJ<n~V+z9`naL
z0~tdVZ*E#Ojb$f8+$MdlQD8mF5_>!NuwEZrkk+ET%Ut*Dy6*XG+}547V>V~P&^`{{
zWf#xZ>ZA*e6(MVfy&%HDSjqT_>3MaZtPokVi86H}8zx-nO~c^ma<<n<gT(z8wX%Xf
zqZv2-&GFmb5g%g0(`jA4<OJEdy8Rt6p_(GGYF1Cg=@i%>px3oDe1(styX%C}>g=XL
zWl25lgk#KJ$LU-gY;}YUNsvF9kNOO7$ndi~SA?}f?j5qS5>KY4am6Hxur2ZABQ>ve
z_#hwR?mGsSZ7*$j%SIPWg)Zp`AN!3#Yz=Zd*Ozd7JaW;XV!6d4md;#kgpyhGemXVl
z&B<mWpB}Uinz*Qflcg>YnX-K=DeoovVw*H%YFfB=<01<T*Z-{+K3Dn~6;U@+L&~Py
zaP>11xFME~;v`nGGp~NX7tr<P{Xi4W<Rd3n76GFFGzm6f6@g8C-_mRs+k6PD^%4bO
z8|vQAt*MRm5^7&RYwc1?M}If7)^eh%lb~BoLH3fGk&U7y(rfru7OTjWg7_L-TW9Kz
z-FHnGyLgOKWxoCe{w_Sj^+`Q8Hs-gB>Ri<v>;~Cg6qrt9KQ7A0rZ1&oMo6D9j%|IB
zy=$7N<1#v_kamX0g)L#Nw10d<;Mgz~dLd<Qt&N5sxf@^qHCItDs<hV^b0+ZX4URG%
z4YAGmm#i55X+xO#CmG}#i*bB;4>Ma2iKV!HDKR>g6Vzn8B5QZvNbAIrh<o0*^QYuS
zuztGwTsAGqrh@k1k{dB!^^a75a)?Z7S2%6HK0EfBQB`Sj&qQm0b?qMV=Q%O)UczAw
z`rr`9-u;ES$0cV-it9r$NG&M`B0Y}`q=z$wv})f`AJ^LO`EjT^P_f9FvIFUhm#1~s
zJmFo5|B7oyD5B0osfb0(w3jwbuqL8p5bE0W3X-uc_eFSbii@$W$5uXZ<c=_2^^cC=
zpCD_L)~BWzd?x)?RA!n<(}`(lt<7YlsBdF;oyKg}s$CID7eI@4qeU)7R$dQVgaLl3
z7dV#4nj!{uUt)!RNYGn$TOR-3^ct+u#<ZLhK9j8FqUj8FGTL5hI=}YLw7w^5OtsU_
zD1v!v6UM3jk^aR6V_T4Sz7=XzoMWY`;MU^Z)&4^Mz9&1RO;kNaK3jiKS$)y<mklGW
ztTz1xB(+R2LsG*hzAgJkOMMMS+rm-gVnOYXY|z|ZNcf|=$tJ;-t&JhOF=Fl5ft|iP
z`jh&dKc7IT=Zzcq-KHV*Of*YT_LuebGPC?MT?~YaARO$VL>Qx>8GQwQ&YAiA_7{4_
z!8{=MEyoxjEGzT`^b4pmX?|mhMf#Xk6}(I13{j!U!z_szT{Nt3F^zd=hm3su&IYGz
zUCTuK^iVOs2SY1X3EA4NJiRBum#p|4Mt{7F^3HCecj6vK!4A?yUC!6grU5orGRSV7
z@BBP0UO)gXr}0<oB?ZMbbWbq--VNw-ek(ZB<tx1*&aFabyVP{x+~w+G&s0g@5fHiR
z4P+FQv~X1Kjg1%KjfLiVAulYQ*B6WZt#y)>v3W=rm%a`PO@cpAnqs=Nac@)N-GVe<
zv<EMF^?4NpSoXw4SC<m2Y!^n~Vk6se8f<KYv-+~L#qX~JCOZo`tgMDN3H<09=^w9x
zUhg2k3*xJ@FGgv$xlEyvx~BTrwcw}!T8{hnZT@baePK|`4-5CYZaQXkEJ0dG8U2Ao
zj<)|90X8(ze0pmi-#7k)<y#s)IBWsc+4xi2xNjfxXf};hZiVJ;N8u1v)8x`lkyg)+
z@7&UBS_AU4Qg^>()7jHQO*1~r%}k+YHHjnN2=3(J{I~^lRI??Qq>fUno?EKnrL`b|
z<8M1Y=mNqb@I&Uo%Ey>s0>{tan%@&fc4oyU6AhA?a4y7UUm#mqAoMJk!{d5CrLZ$H
z4M5e!Z18+;7Kf{vcHfQ<yqjdwL3A=mbHwHkmN*?gba<=k2$=$q!z1@K<!J#zjH_YN
z`=+BAzq<HMS=1j+6tcRo#<2lHmAp|K*U@0vdh!iNGoQ_lo6i+&D*NHx^a@Q{{MOxo
zbV@LoGL}uVHT$k7Ih|{Ya;P;tVt~LL9Y7=F|L~s6%dY&}Pw}?1%tYHW+Uk5iT(NDP
zz=emqeB;vI^5}E%6A{C1Vt4=_TembmT#?!<hl*C9`GsGwOj&*z<$42yBKD)k4CP^E
za|aLnF{<%%4`=@YOB?^^N4uhmO`8Er7M1lz*OqU`f&8=9Vu6iV{4cV4<qN}5jd=kA
zPmc=FzAfL*k<ZeI`r5r%+JIc*>m~-5l7}jfT{Q5=AT9ZA3+iE9ZD2sVYTF-Y7E{Fv
zQeo2+Y`d(op!WHKGl-tjZhI?<+(p8W7yKBFp^L8=*C5g}(=R>q=e&N>5dJ#2Q4o*x
zqO+2`$6b2ZD*if^qmf0&EKj(L6C2c*7?}bNuJ?yp=m?nKBe-Zg37o%FclLAV%O%QR
zC~+<w`d68Ub2X4>_u+Y~FY>xsa&JS4oNvgufM{)kyk!0C`1QU9a$ze65$KN_|GfZ^
z=Wd0$#ms%>O$ipRttV2uLzX_B#TR>q-kHFQD#e7H{<N1q(+#**-DCeKu}&Q5`x<`q
z*<SPzBpZB5!@xS?wK3|Ih)dmj;nU&C-^MjH#la&F#CIqyd)N(HFkdC;`INKd@e{dn
zpEd>UNDqwFXcedz55cgegU;n^beAFr>(>Tz9t8nR&uQBQ0@ylrAY}uv_r7(qszZOY
zU_JJg%2*@##oI0kpdyL+WhxbV^jo`eCV|J?LRRizN25WY^PrPi>!CTX)$!GAgaHo&
z&RidbI*OF)JC{G!U7I+<i=U)Jl*%LwL)!6EMU?IPUkz8N^xKESB4n->e9j&Ut~Vf^
zal%UFiVaydP(r;oekXBVuAVPX1_RgXNo({X30~?d*#IB7A>I~~yRmH6pgU!#X#Ozk
z!vc!%Xl8?B6O+-Qg*IlmK1EvIXkKm$bR2)nBCGpj<9$2pKenoyPdE&v*fNq$$yH0<
zpa1gJ=-$qvo>`CX%bq_+_drv>o^x165wnBSrk7>H>@kfw(5A|dlc!=08Q;zME(ELs
zf%f^LFRbrvToaOIiv*Y4UBV0B0H7_q{bel(<C0xLpL++RUH$%=ml1vO9;R$(c|W#g
za99Jb`5KbwCXy?qf>~fsOL(J}+d3g$S*Zxy)!dE<9`hBSYw;fxJ?9edNa;i0Dob=7
z#Z0jEIFzD7#P|37Vf5S?%$i7wd%Pp52Cis^sV4;km`IC8Q)TxcTu20qYl#LIvCAew
zyN1h2t7b~9q9Z3X>QQ0MhOls_QPnh3iowrKnhmR_vqfA2;1?SA*a+A8h3~jSoaSfI
zZxKF|bTdh(`gfaey`dg<V~ZS%N8#>6I+AvA=-0OX6sATkDAw{UW`|hF<po1%ssJT0
ziJ|r?ps7bT*p+gbrs3^xO1v4_Zluh}o5J6!zf6A%i6EwGw<H@Mu?892_r3QgHe5DF
zqoMFq7Yb4{Ckx#uLTuuIrD&mQ!~v`=Se_<%m|x;|ovDA-y{>H^X2yEkv8vP2+L2gC
zi^9OzoE+l#`-{^~$JQJ)=0M6A_5Y$Q;$7T<N6{}Q&7u4Wrw6#iIMwUodlbZdLSyFA
z^cn>7X_CKW!oMG@<+29H7p}O84~4R*s}%OiZ<prizZXZ0q|Zw4_td47lwC1Wn_ffv
zmqND%PDP5<QLJJSVKK2-$>AYi(2wlRGDn)bi@($Iqaz$OW|t77T6j!yN}Mbp_2Giw
z3&fHGI5iqZ#Ses|)GSMBux!@5-*69c?VT3AJs#WpL^8!4^#rpr^$fG<+ROOEYgH~_
zc=FZd{>dgbBUq_{H@KOh#0ijMJs^8%TJRaT^y9!0PS+aid4i<vI^M(Vl|jQc4E})5
zAs<5|W$~{abwMO$%WXgFH7Ru#jG-)i01R43Nr{vi#dw{@RxY6fzAy?GJ-TLHvyqt~
z`$u+POxm}30#Wj)QW05*W3s5yEFEW>T0)&Tv52oktaL!%nrl$sjxfJ6O`X<wq|;aJ
zd5=Sb8(NT94^RfuI8BwKEoqp*i7Sn7?Tg}NQtz}Ys*CJp+Tikx;{LLH;RlA35{$}(
zPaj&|p|7fjz4^;mtT0Ed*8$KK->LSC!wTJV%|{z$Pa)}*${uN&wSq#pFnl_~1~YY$
zOb8zq`Biis2S?5EybynEAk4y76o#)JZQoaEm1Z(n=yeREq_IdwlNQpgLK%=YJ9XXG
zc*H9Sz4WmPSd`5>P}1DCwGb~><e40Q#nj%$hBXQHYp6J&dSFKyrZP_E5<t%=ch?$4
zE=8Uxzxa^KinsYvXDeuJocHyH$Ym{m>O7NagV6maz8JcJ{6<Bd*>UvPsoI&9<5<NJ
z*#!N3&^27`=1f#abcdX@9;-EEl9!U&!6S{QtrRFs2xI}3pSTcZ=Bfk*aoUo1mP)BF
zR}VHQ4Ofd@|BXkC+xNu^nkZ}kX3$E3ei7nH(&S7he>u6K#5H1Uljo+2oXtEHibD65
z5MUlqOGqCBdsy7`_GxXJbbG=Rl(iI9>o8@I^QIvXygWIcBivzBT|m1+$IPkZa*EB6
zUzK?Z0q)|Pm9$Nv{x7XY*ZK0fXDZ|^HEn7<#;NvCleGh(DMug0xfso%<3INJ(r!LH
z`56`hg_I);?7TaV-JjM{^7TTQU>wOb5$fH%n}3Nq?!o?ALT)@$u|sHs(D<MWF~ZO$
zraR2H+}9P1ptd`&aFtvvBUHYk9uVsJEGkd+z9t4$m?Z{1_Vk&r>-s_QEP>%zORjK0
z8Y0nO<~ms(imr$qv5cC0zzYGU?YaYK;-OlXsA(M&(h4die?D#&*-0hcuFlFDd<ZGl
z-oTM0TJ&7!Eh5lueay=Cerl8!FzU%$X)akI&fAxGXGQS|W1LqHY6kJ#nx20-bh3-@
zj#?=(pFl|l8VZ6*`v6LfLrCv~+u$bDM(K_yENcUFjc{_`@K?ta)+g=kq3#T(Gewyc
z6{`{tbm4`)wPfr(H}Po&Aw88m>a&V(*OUvCNf3)Wh1;TY!rLp1q~sJ11u<1~hQU<!
zWY=mbwYD*#Ou)F{_G5G2!DXP7U$Ez5U#;AhZm6IUMed?5DDm1VHzefpySbwkc(Zn+
zhIBp+SX2~DgeP(m<l_gpk3{@(=WrAD^oDlq{to~ILHoYyU(QaMlLmO3(6yI&lU2FV
z!l9w46uK@ygtFsV=Ea^`M=`1XqHbzmKDh=0cNn4ia+X#U0*9tzh7oG=4lL+a>|?Hl
za;Kc!a*MjDdpSCFHVxnoBdmRio>mPHdC}}3HThilR4Q3HrQ9j6E_QLTHP19PEJ)u?
zHSKPDU5ygynB}vujq7Vb6ic}=K)OS$FMy(EMfYN~iLDK=ZcUnSsTYMZC_K=l^*})(
zN|Eb)pp9FK)90!Y$${I1E?&5<8WB2$PZ<!&W^3!k8G(C%Qfh=qwU8}}=jyV_GmBAK
zNY>`m>vwHjy?$G$=T!k%X+1SOt$NyoKFE6?nrW>Fr1%*fKIHue=JI1#9tH9JIDM}!
z$9JZydHd`ifBc>2d+Yxf&_K*&M&btYxsH{R9)EET+7GoQQ%ppaua~_;=R39^fBay5
zn&#c!j%{81M4Nspk3N;uE)fs1kmP#32&RGQx^xPQMm>VcHH$y1#di|B2n8!x!taXu
zcq_jrv*@`oQ%0^&h|-6u<SCQEjD}-juE_{Fw`tCDw%snxgI=kQq}8rM+u(K;b{el~
zj7F&r4NnV{r&nI24HAJ7p~!AOu7p85+0jD?POjUfhuVd%RUBNS4sPwEywJ`2<V#Hg
zXAaEfV22TEE;$PO>C-z2SaI3S^rn(zV(keU_UK>GekkFMjEpdK&sEbp{aW&Lek!fz
z2`XgY@*GeLaWzRwugI9ffix+Um<JuAQMeMB|B!f93@0w7jxBzd?2{H9xcYWlH^H!b
zBpgy5es74_GW?iknT&K4b;8!!+uEgZcoyegDol1Ny`x|iD?REj3hz+Ma*Lf*j}$hm
z6n~Ezi_5caI){eWOX_B7SppHumVE5)93tKSMs~JP(BIslvMXT++CLTc(>*t^Itb&p
zcBvWE`X%IwWv7xKANW<gW2@A}McywV@}5pW8zrLl`Y@f{TP%2&O)Xp0XgjW-!tuV5
zSyW4wnYKHGHmhBb5!UXzM?ZEx6@yy8gjjIXyN-SdDRV9NwCGaH9kbXHSFla!ipyIo
z_-VVzN1v`ED`r+Fe4fnWJ(XS}>V&y#o;VWHFJSSGB;EKQ^g<jV3Uv-niCFjI2B{?$
z#-r116MFIN(hwk_&3Wu+^Y;0^Gv42;&a5p8=RV|p2!3(5tI*MQm;?KHhc*sjXLb2$
zNb6PTLwF{^x#Cf9wAsVfhWwlaDHpVQwssNh%~ri<YrWtnYQc%m(TPylFI5s+BBLEf
zsJ1i(uxMi+EbZ#17^NlC1&VwF3tgS<lt^EdzzSO`e*V)7-Mg;68tlvhpN3&!{1Mfz
zX%>noJ+i!dmRjtbWfu!$3A9lnTFcugxTBpht@BCKuO(fbH6G;+VA|TwD*1sD^U8TG
zd3TcyGYO6^#R73vwDq5a?ubanq<YAEu=h~MB6Oy{)e4W2NwZNR8^64Lf`30rGf48Q
zVoaodxn80%%zxGAXyoWF;tG<EtX1+KH@}{j>-fY8->b@-84ff5#hOwop#De}eTtYB
zW`9;T=dt6mK}m{^Gcgd$4Z)T%=e;yynGj0^iCZ=@me6by`WD#btrJ}I{jr8@y1Jpo
zjCu|pkQnAa!6U|qFRCi)f%9Rknx6pRPsgvAZ_b;~yKI<2J>5c?@lE_G;1U&&wRN0(
zIlBb~#0wN`N%b!!Lt~#JF_w4{yd2*}u}$b5zcdMGnA#(sEK9WWqLWY<=D&(b2FsnQ
z?K#6{{ZEkF3G<NNw!T~Ek=4^IxEoqEcT6+B@m~VvzA(~&Kb(%N=cKTYsEu1j-E3T8
z!!PD!nr_ORB@{c1u+x2wkC!A#i`4E3A5l6kbbGj&s>5`#qn-tv6o&b)Fz09=cdb?Q
z1A?;9_>1$^d4Gq)5HYd}X%hrn|8pLuY3g=XnzKf8#}ogmbbpzqFGJ?XN{+%ot8T2y
z!NchU_B{^$uJ?;ug1gk~Fv4NhGKfYDWC{q&Jr%M@F*_7K+0GlGCz#ak;bgKyd1J0g
zV>#!0S0`5o6o=iY=dpZ6@Q3S&rbAi<_g*F2kjHoVbmd=$O4V@&;?YXW!>pDFCT8bb
z>UpEidL2eM>Dj}-g+W+HOJ8^`I<L;xJc1R&!uUb@B>5H+?gJu5QYyI58Wg(F1fHpB
zLlKl7L7fyg*T9X>#-%!tC^G(H-rpZk;nZ;BlkmLPW<2hvFWuZgRyV}h-FdTI0K#F2
z7D<z!8}N81C@`I!ZUn|hfuGRViWPVj9~CT7P}jw~`vWALvh6M*&#UtZmvW79ZJ-L&
zn2tWcT2d60rYh#easdeIJW>ROxdY4_u86<RT!W${VTZG>6Y<nkR>!zn8kRr{y5A!J
zVQTW>c`a25iQ{w&eBZ4%H^=&J{X4Ph;LeZd{e2h~S)>8f>xpJ#zvK&kWp~_{suOWx
zh_y0^c60S!!4hbj(C-mwaLQ&bQ6E=I4`?P5J_YZ6k)T{-=CQ?g{R)2{m$6>Rhc?Y7
zd?QfjDy)E-I3;Kt)JIPvZMsxuq8+sWTB764<R$lr4)?Um+cA7#u6+dC6a7Rb65a@v
zI*t=qlrxX!OJ_Lb3(612rTc}M*VW~IlgKH)jixqiIjbLv4-$XGi-#?z@RKpCr@fJS
zXoe;54kNrrAi+Gs-y9O_aWN)%BX|%T)vq97UU3m357xFA5|xMPY)4J5_s%ir3|G$3
zH@OFE(GwmhYo8$>;v69f&t%rGnz?x40GTSI$P#FyMBakIzn5qE;T|r@pO+N<@F^DK
zHVyM!;26;DbMtT?h;Ox?N<CWD^%$5E+UE_fru*59slak^gS{(^FA){+y@w(gUN4>K
z*ofE?180dmM4`LULp<r(BP(#8){`$D);n2wETNxQEz{7ks}?6JeM`gq6Ie`*6&cd)
zm$7|J_Ac$i$0!r;m2^Wd5-j$^UQr+|n@qfAxBC(sVX!j1GFIJ|D7C)wm2X}2ZcY;=
zme5qed`V-cMl{TSf!ly<97aR-V&1>y!lN+Cr1^n4v8lzEVe>j8Vm=J4(x9LnM)<bN
ztr6;~N^q<fUWU!<i}N<jkA2N$i9-4lw8IGBrnxnn#FCE?eOZY=DH7(*!`QD<pMV`k
z_!iBr!=xj8NeIcyngKTkYmCf(a9)Qw$b5-6A>9euVT5n7@Wd5~)OO6t2qVMgR6RrR
zC-%6ET{=?cLmB-ky@{YvB5$qWFXgFpfDV^CRQicf8wYSPtoeB#4)0}IasxRl=u?_V
z8YS}9%CGej*UXMNDIqc>uY)kKtNE^I!_G|r%t0m$X;6wK(%UirwU${Eu$9;gf$M@H
z5`Ruj0nDvr55gM3W~`6!mlEm7`hY8i9uIg-xlPFYI`9rRk*a<qU({eP>?JmtH3B;n
zdo1A5cZAG?17pxqv2=!t%o4sWI;7`d8@Xe>pcZ?<17D8cgv_@C``vj2HA`p2SmJ%Y
zo_Haxt}1aM>$!lTkWJ4`1^jd3BwqgNb3o0~89DczAUN+*dW3HBLe?vSO%7c5-ujrg
z6cw@a>qNZCq+U<-54#Gh1x{cnFFMxXppr??-qA7-k9F(k@w_6)BVjL7OJWE&x$r@z
z0<Pbf<^wLb67%F3p_lDAuP4~+VidNJrmQqDKZ=!%#2C*cSV?_V+JX`DP3i-9LVI1U
zH!1L#!)qkPcx@%;YCvDG*93Zf-Dn>cS#sv*N!X4M<F6GotUV_=gi*3Upkje*u6cn=
zxN?LiZXm<BkhOD4Z*bzEaS(AHxUSaenYSlV6Je|*_LCjbL9q)U2~ZN1%?*49JK!L}
zSV=mtq(9gpFizm8fD~1;19ui22{2aRDo0LwhzCV{Q8o_Yw$;P@EpbJDv6A=-*A}pk
zwciK9q6<CDR5w9zfJfqs3rWxql#8LYL&)CYb6axO9wETt@s@@uctg+p?`zVFze<8O
zVTZ_7qzKIV9|SVYfBMc@dYS<LJHm_ClAuu-kMk5}{SN_{8p6ksSHpc{tAS>~cVri%
zg@aCET?}}tzTg2M!~Cc2evj2bGvMux=pyuR&?{_RVmysm|BFC|`A^<yp*ipYIl=g&
zZeiOc(ZuAo2>DLIoIxPN{3osgEv+7!1K$UN3oi-U0iWtlRNYnx4{7U%)WT|_N$?v_
zZ*dO?T|k@9NW8`_hpyosql;$2-;!Ib;GhlY^F2r5wRPv<P8UssKPyOVaRD83JF+ei
zTaDg-fF6HHd$H~n#_FPp*fm>CYB7RN33Tp#h5A}aI*C0*M_Zl#@9Hb~`^&5Iz3ZS`
zm?N|ZkcFBxg1*+a0<=sVxj&?>PXB+8#>_q6Se^IXV_!kzbQVx(wc>r9-RU{iB=9l=
zCH99z4}`ZsMeWtp)w|{`Xq?L8vJ$!1zxSnl=S#|gdz764hsL$lLNk%i-fPGJk;MgM
z-RlB+3yt!+<UzoY%pa0IIiPyi^tG!6<p$adk;EccXoZ^bxge2gvsf?50}HgWC+gCK
zgY|o*vUWkDX^>|FfrW>ZMqT_|^KiZ-4D3;KX~N?v>ao*YJcO7y$bhG>xP&Zd$H(GO
zZ1uTONf3an{(onndiASwY58FaNxQ7l1WX*#A+I<^c+g^W!c?vG$vue6)BZ=AARhrM
zo55y5Vhi<hiMS&4QVZIlsCA&kMJb1N0V;6}%ARt6wP~OPb!aOZs4EUS^06nD@Uk07
zpWW5mlGOQ{MbUh}(3I>=p&_kUf&Rj^f(<5x>OJ<Qd_YRY-G*jrkJpn$(GYC5dYX@M
zYCI$g)sYk=ZwEacxOg&X$by{VvqoZ^RH;#ZFN#Y<$TXwvD%w`rO@@`9UQb*B`SOTJ
zl{92Q!u4r}u~$^fcM&NSb7r{{_2RNbhcv$i-)Tn1X)x}6JyEG<a`9hCZx^)XLzlI0
zIRu92-w0x#BvBMqRW#=kp=}FP2r+s6a<fq=vye#5(it+iDa!`Z+qJA81FuIfUKhos
zK9|&7>{1F+3cXnwq+;m|7U;evuDQm1v_Hjs8W{4S9(sIkuqYz&b<^QC>Ke>h0Xa!z
z8Zyhybb}rJ06%K@%)I*VYGzL7>O@cx`Z<*)>UF>|V#D!q<f({@ZO6;3*6^{LiF44f
zo}OY2%QR@hXc5LZQx@Z+?Jm2|>Y=flm_cU+$ti+VrZ38#>GP~s6%9RNdebOl`jo46
zPS$T)Cg`XsHc)d4b%iU~d?4hto|dcYdc3*0IX5NeSQ|B`tlzXuupy>6!F^fMoJrib
zVecZb-=t6i?VsvsDS$KwX6>02VNb5!ZyqvAr}vZ;E8q!^szu+r560n+^J2dVQeC(u
zqzJt<jpi7MU8qwuL5&*u2(5vRVhuFcR+Bzi`jarHDkX;uZ+4=z2#A|)vHT|Tpi5uu
z6|(RqEoB-{H9JvkP^fgq37I;BWo!|=De26T7KzGE=#R9%+T6Gn*o>%B=`12+F4TQ#
zfxM|xUpqnCA>Zw9AZS+3KqDwsI%7pfMRLyLc=Ny-H2f{%FO1lavLo{Wm?%{`BWK;;
zXx`Kw9b%Z^<HuiJq;{`EP^sVF<N))gKIy#r&Ey`xybzsVxWEJlv5A@`yFxJh$;2JW
zSGZ73P!JoaS=K8rxL;1xulkC<XcxRtO)?Y&$D0~9e)}&cXmft_c(IyTPd%}Mrdl?B
z_nQg%u&=oBf;DNWCwgeAXXD3T{(}j~-+o1p7pJfXCbSbLXsT`FcmHjIF8%mZdb~Kb
zy-_0|7DcmH4@GU?{>zDZMZ@@|y;udY^-~S$giDNR>90-mUjEC;b?end?(;)j3-kb-
za$=n{{mm%zM~1kseldyo&)>ZINRDspMT-)c5KaVHe>1d9i~MrGEWyL`I8GTlUgKi4
z{TZHa;v|`BpYY?y&%gP_q~I^{$0_6e&o6d`7F)WB9`5b8t_h*f=`8=N<d6OFPhP&d
zFkYMHHKJkk1Hvz@aRYc^n)lsTU%f16`0Be?7t5=5!KcOyC{s<WrIxiV(ff~+EqqNr
z>*Ds{Bhf?&YHMEPFTSVwk@C~UWDEEXM?P$gOJBlI2!`*!d~;zu{i<r3iAJWaed?2E
z!TX>7{37|EW<xR&U~OF#OpYob@BhiK&!2x0qy}7X;2s#B*2hIZ|MH)FUFxU4fB#Q@
z`k&rhM5{*C6cdfWyPdI)4sU*5((s0T?uBv|_kiy-l5AY`s0VtdJ#y3?ZN*vC1HIE&
za`SA+B}!l(OExcBPc8A(Sb%vnx&QB|CDxErKP;Kes3m%F9zUqX#-S5SjDS-=M5#YI
z&`Q)|lh83`3u8?y@vyC8lh84Qt!R{1LUdQwVM+~e7USO66M>tPSj7{gc=x`Zh}`E4
zxZ+{Ij=6O9#}lI(lKZ-($bC-6j42CV#a%i>CKuz%hr##IeU4+sum$DQx6?)I>>Gq<
z62K)WvOp0ZHCo4);#&{}w)ogT(MfDYuN&CXMzD-dq7fTCg)Lpc+S5r?0y}IuOv;i;
zj3W3_&0C<7_)_%hhbQbsMJkCc<kb&d6h8_8EC*VFFU@#)MJ2Hpy@umUGbDQ|35nNm
zWbqvC)BXVS&wS!b!X38ZO7GhWy03|32~(V=Ye7a8K|5bhY@t?(;7h_f&eB;S#!{%o
zqr-N$T8!xj)-l%7nb7I=#0Kv3H@38V>J`$xuP5Smw=kwEhCbHwia-to?-rh%+%-!g
zQ9`XM#28avAsIy{$T)MFc!NUXM7JAAQx}6ma?+CrOzE~;xESYdY$j$iwVQ?u!|esR
z;f<3*Qfo-7&`rGyRG2rD5g(|atax?XT!h=IsTGn|Kiv8)f$NvQW^%$Cti1sL$EuL5
zb)(lA;1vs8oj<3T31h)2j=``?iGYWTN@2#MLh@34X{YK!m<KHMMfqW~Sd@>@<pOpo
zbkI~d(rAX;a2L>UJ+TS<!f;_(*_&KcQ`NHFSdZl8wp=?YQLoTF30(Cjd#yO>QXcrs
z=Dmz+9qma8A;*ev$S$S?(HZ8tK4|_6WUY`z=o&xfVZvgqI*e7~4B%x=O(F|8{cMp5
zR4V^QxomD?uFx>gBu(>er%JzAsO6+0C-kA-o_kGmZeuh5eMXaYb_?r>hCc`~Qa@<I
zCSZ0D>A9dpxy}k=?Csg}q9Q#f+Az*jrtI35KxB2I*|zG}YO%T?$&mRU_^0e%-$U1q
z89@!4&_{<}72!Cw9N3^{*~|@h#W>e{J@8lN?Stb?qT~9re_$=vLf5WyvEJVoM$#%I
zTG4FV1g->kqo(SmU{@-b>63(7dS!BzXs^QYS5a+73!Nege9^#I=ZAOfI)mN5es9%^
z2Dm16S7*Xr12@oh0V595d|=J_8O#Tg_=a_ZoL+D}^TJ17fw7~Kb>b~1mE$8qGAK3H
z$T!0}1kv@EWUF-s*R#tB$ha4zF~kvY`LR?pHQGme{6QlT5;^B~<dxiMcg8K@_bkYZ
zV8@mwF&7Sx^Xx^=4pn(X2az=664Y}qX78L+e~rqh7rLjayXCs&sZ%wm>0@*Pf6NC`
z?iI7Xs|3ocIs{M5Dr_CIa^Cc0n7o*kA?vM24b<ujiS(4hyb!D3%F-G{T3MYRk?RRa
zopy_^H5dcs9WahYOLOF|XK|jm`WprXSxJ>AufGkR*h@^ARx6C!E6d5z(8zX0q17R8
z4`1^ijnILg?>HG-^>SAig}j0oB*lNn>bX%1jp>AuDf0SGXk;;0NWUn037m!vFMcHH
z)I1jU!s!nO4Jl)U1nc=)KLfDlV4qCV*om6DX1Be+Md4cV*aL2fp=dZ3dGQ5(5e4T7
zT2)W&bXmUNIS@g3Nyd@L-sS!fpXdw=H{KhVLC}eiebGoQEqby98&!JktOFdbsbh2!
zewz>IMF2$aWkjS*SX(U8$}n2LhV<0VbDW00p06J|qz+>#;Gtl!UX`o-riIh!|E|dd
zuc=>!iEo@6;#A~+9?!#3&9+fN^h}l7@N0`5^XXS15l*9HzMMhWBN;TIFn}G<Jqh&O
z=e2m%^1+eFtP@@Xvl)!%;JU7kr#=!B1P}No`{F!}^Uxf!RxGw=JH-Q)eh@uPu$4<R
zvQ~Bt%;xAC+FIHId{S7@aHXO;-gk<&DA-z^z<PFcyBn-fdk`jO7M0A<-Gl0(9i`LI
zc_@3r2Vgif_15s+G~}S21;;Dg7XfhMU_D22b-+%g2VwL{hEjNjFS37FKDW8F)D>Tv
z>Q!+26=Bb9YK4y^H*+ovrAGdF&Fa_j*&IcH)uhRA;`OB6vo+_NeF`|FQLf2crNQs&
z%l#W!y`IQOiLPxf<ki~ne9T-!)UYdN+9dKa2ItVFK+<xTNyDD*e8`EdQL<wkjgIi0
ziU2WTwy-aPdOGgn<E0<08P);B8O|fCxm=~?{;kL9Y(^#*<5jX+&S+!NaV4L&0xvt+
zLZJIfl?eafaJcPM4Ls8<hI6rDGHAw{a-P~E08~4vIp1Y|rYB)rk6u01L<P?0axNNr
z*N$|<a6hUdSNr$9wa4iUnq2Rzwr$w%Vm&&1z^~57mLyN0Lxf)66}|vPEEF~dx{AgJ
zk*`*BxaSIhp<6s+RtKzmYnf+sdOZ=iY0F4{mm6_NR)d;50Xr*mIvaz2i4TzPR4`g*
zve_ZVL^F$$ukj0**bct9Q1b_|d#mE1FV`wK{6*Nz2PVIO!LB4%Wn+#~1C{ZuEe2pK
zBB0Z?f_=Fgs{#nMKs~>gOf0j$7hc}StRi_?QR5lx-ZA+Jtz|M?IG5xUIT4FT%lA%%
z(-XCHJX#8Vh^pmT4ajBInp5vm_6pnu>T!o(-tA({UIBA&>P(>0_QyKgEs=P)YFTk>
z7tg}oil~I$X1g$w+(?VKRCdD-A#NrRc{g=7(B`1@uc7_9QyWN6<jQ}{?c#2ck*DP~
zYx{GH?G|J^g#9iM8c>PM&8@ZYpa1q>{P(JR^{S$F^f#SBBe9&!C9$Kw=?tA-PpoMj
zeNJb@*a+**N9$m&*AuOK2e$S8w*LzM`G4g<{@Z`?pa1^*U-)n1KmK3&kN^Jr@4x-$
z|D*r-?|=Mv0Xe-zp>-hETNIz)&_0XS(dTqF`0KS1QM3-$dZQ(mrPgZ^JGmJ5IGy>6
zeS={C*?;~&`j7wqKl+dVwY74sPm9_)uEIX2Ge>@0=)uJcF=-urPG|mNU9SG(ydv0t
z_MiWc{^P&@kN)F-{OA9p|JZ;2Kl+dV=<$_K`*`#|=lx534gbS)`#Y(U3MNiZO4jDg
z#+;2=*z&r?8vju2$Nn`&pUHoDthe9tkRHM?Z?ETnmy?IqYRYj2(y_dj|JA79w^S4T
zJVRfv<$t!g?=98X8BFOl`r8%v<*wXIh^^EV;-s13{IP6(GNULVzFw~n74PoaN{!`D
zFd)va%M0$*AZ4pMF|E|B!0FnDu@|fSTD|U#2aj#kAg75OPsmAz#k6N%IVCpk3dtv1
zNrW?Sq5pMsUlrkQ2fNc<p$ZGB0G#FtrqL9s`LJG`H6DIwq2>aehJNt>h|-@jTIrur
zMC8O5AtC)G?_#E-FfXg1{=hBcBE>F!Db2+jR!@~!QH%8-N%4#j*uN-aXNovVPPc#u
zR-}zPo8|B?4TSVqq8TkZwNMkx(-2+FQ?}kgm1U+VUUIfolOT~8^+IWKvHDD?mtIq}
zd%mwHT5)Tquros7UXyIXtH8Na2@<Jr=fowc$=5rg07&>cN}to2i0bvko;mUK0Z4>U
zHW4S!B0lOd&nBb_>njz^5K3kw4*T+PFg>lzX>OYa?KBl?1@zwtaA&61O;%R%-0R37
z7vquhKN9n!VrJXwD^lFd7=|k0+?TC?ab*Tos7PU{)>e`Ew|b^oQhS4=Mk|>^ZT}id
zkJA}6x!#xCA?1;Q3xECt>{Fq(?b(wtpKMktuE^0;BB3hml)%1lv7F4D-V-(MW>TlY
zIqGWs`bmG&nR41U2pXqWH7T;S{_(C$r-vup5f7>mM#|;soa20+NS>}Ay=!QjL`;u~
zyegr^d0bK~9yxE?VLX+d_c*K`9WNBMf2`-cFNJYq_;AgYI5S`wN|T#xyE41*%B|Em
z*ISS6Q0i(30aTCS6`<W1Mg=Gtx}1nK-Iu0U6>Q(Uv5lH)_NQSC^tX}nVlvQZk)Q!9
zRFbr&s_2|7EH(T(eRXL0rTtA*A@f8zBNp*NVhu=Kl}Uw0Uq2D4V#wSwjpSr7C`1`2
zeeAtQGhTCQt%g7FjJ{!i+$22RTL$=u0o$dSstIcfRYz?3k4TK8zMDr${NmX2sWct<
zgapaAOJjyXnBouw3$U}PrOJx&BxBLIn`?B^4cGLo(s-y#aJ&Il@5VD3{_yM}Yb-E$
z6&}YiO@*vIFy0rqk|+z4D(tP&SmeB}Yau-lFQ_*h5-Q7Z0aYPWWkLq>6vv<QaZU|(
z=`yq@s}SGjByG24TwowNat%1WzmHI3rK~|k%4gEasmLfnqJpK`ITZ>i<8dTfk(<IR
z@tPG>A$^q&TMhl!OZuD6pb__@gI-U(5N$oTcd?4o7or)rnHI|zrUN@I=g90IT%7VO
zfl;AnROrcwi!YqBRVq{^JT^6ARIt^MzxEUN^z?e-pEWA@fzk}8jXmy+lx*NyMb!g)
ze8K@#*a;Ol4eS^4`~c1}d&=q>1K-Li@aoq}`kc;avHEp&W?b<9ZmiOC-mz754gr@r
zK4l0=1Jvob#Z7W<IyN-55{`v)me{t5e66I<=}b4R`&;MK+U&DPtTTFc|K<w}tOC>8
z^Uv5JyE5!e<Jmlz4e)BabibWnZo=~oxRP0agOq6tOqc_N{$jrk3w`3B26tRY-_R=s
zuVv6y%hb0!zwQ_cC!l6|lN^>tE?m%slm|smg{KUkoQ_r9uH4w`=+)HLOUsRATtoE)
zWZyz(i(nt^TJ439GaysHXYbd&C(qoztEI@RDXOZl?YW}6w*%Kfoa^k*v2kElp$vBS
zgN-_^6f6~cK7R4KQa<{R|Nh5+_MiX$Kl+dV{y+MU|M8#ykN#u-`TyuY{>Oj*n-Gq?
zw<s2o)a!|F-n`cnkH^=PwT`}~vwBT}XWt+^y8X1;f8%iEYcHN#8@YCLnx^<#C032S
zF|rKy=zSi$0?$r9?~i$(WK0!pzHppg>2oLX7f^qj?{rO*zBW}mjOha?s$nHY9bCYp
z#GHkF*~6zaR!tZMY}GXy+W-MxYx|>}4iAl=uww~*k-_uEyC39f3%>6J+@N7JwNd)`
zguE)rD(WOin}M>!QFucC?K|OjSt{VdjOU|eg+>4|Z%T8xA+-xaZ(YB>V7&sKA&BPI
z)#fEr2afTK5C&wxRp7ejqNh#CA|tuTNp;hk_YD?3EB+3sI(~y)yH-K4G?oT<4F~V+
z<~xpvN05+#M+lwu?F-MX#k(+5;QEA(mPtjO7f74pp;1yOk_zX@$IT-4)XcCtp$7+S
zWcwkr-)bivy4h(p`57RYHXm&^!wrC=;H}NU@BqLWSV_X_6TByU7k;?n<(-(z07ort
zydm+LGxTkyq>_GnBLp<fIb!1%Z{XA!?P%%^xnaHykvVLyF~|Wc97qa%MvxxQRViM$
z@eq=Gqeum4)Xf`CiUFg~r@Ivy4T&@7Eq#jgxzT&l(I!=esTAEVXVZ;fr8+ZG(Xf8i
zxuW>{>Nf+ljy6(C-_!QU&{M9BkTu_>l^G{3uQRUZ0Mzj$mK~Hjo*uAx1slyeA##`n
zLKX(k<X<YD8M}~}u7P94v?=CugO)$DHY?0|wZE4<?MxrG1jwA3l9^M-eFmMEGPe@a
zo14JY-j4F?jK%otf0|+zk6?$XHfcs5S)qD}PtGwc=5V5Ce21OP=j3@^H}08XL{_T6
zqkipHwF4tX$DRY?claeW5_djAPnN(AF|fi8qN5#~$QozgItVmEi~83bV{{AyFc76I
z>D^_13qC_ut;R=8XaPSlYlIC%4E$(b>o^!~Xph1o0}78+$MROn2rC~@$w1&{qAZa}
z=}|!_^Sr62^24yKYzJ<^E~ZqSFMAfKtSt_s55|1iqbA_q(X7SeReCu<R7TGf0kuVM
zk%3toDFJ(6zV7kl;#dmcF7^2?IaHk$0@7vyv`M6qCi<yFI&CMx#03z=gKm_DmUr&1
zNPe$UHRU0p$LS0i)sS2+blZVTz{Qm5c@-0Z>9WU7POE~B^z73xOa}vB90?P`K!X_h
zE-`)t#yjUg55x-B`jw7bKrq_SAsu7_^>vgh;_(S0!@E0yvo#hVS`8N`ze)=oQ$es*
zJ0EsR<EPgXtpxnWEwg!>1XV)}!2WbG$V@!(K-3r>9ROthRWu&(p0PblIfQ3p!se<;
zA1c}_XtP$dhKvMdA|s<hpxPtimt@vo+GXYQGa!jCCU5ND*AuM-vPN)N!A^4%v_D;#
z#hmL42O=?09>o=5gd-l9zXB1cY)z*x-ShzpTzFn$1#K?SbLB?)7&BuNGL!=TWI(hF
ztfSJySitG=)##1Mfj=%+a?UG)tpFOG|K`w170lZnNTi6856zj&zTy=xaWdwp<$(mU
z(Nw_}Aiq@N3QcqhOjWH>hs0Rz8)PRQ;3<d9pGqsTZ>dIkklbnn2fkks)D-OM#!ia8
zei+R%=S)Dw_Azdz5Q8f@XS14ZqNsp3*bWxYNKtypNT83#o}sinkj%Ai>gF7~BU)R?
z=7$`e0$0vUA!Q-G9?V_AesjZQ;Tk0(yYzt2r45l48Q$ifBh&n+o)qsLH=W(k2U-u=
zAEcoQVtfXsVvC~UfmBI?rbV5Nm9_7-x<-#h2%UWk^IQn8N9@924iK5Ci;;Ig8GyZB
z`D!hNZHQ!wi7Nx*db0e+%x(Fnu<k=2QQn)U{`3cner7MyEFc-xeG8$s{cRGxt0I&<
zvjetM2&MOmc`hf!>!C}EU^pmb)^Tk@7u{x&QY@{ASjsE0=+t-%(Bu>|Hpv<IqRr(X
zLEF<(i+~rSUUfYW#2b0nT>O}kA5QdfXAH&ZkuiF_aJnL%;TbsF+~?aq!b?(G7xCPs
za|7kfgqh1qB*gXmK16rG*vy0Oh|U-$^Z{iHRS!)Gq8+?k_^5F8me94D92o9QJfaJb
z)5{t)q_-(v8HkCmzMhD*P<ghVi8fO0Up{EH3;mGc-V?rs(NfyJ5+FkJBZcBr@%&T|
z-Pz;R@R?|rd5*PS*>KdaFpUzCyqj*k1MCvp6}gHgm003O?tjSpbl`Dkwg!=>iu-^E
z40P$>rbTULv&`w{rsvv!Wr5tWQbqq)2DtcqJQ5{epndwbC_Ydx101d9wj5-@VYBTw
zW2d&@vN$aUGglkhHd}8TLloE2@<E9JIw@2*MDKx4SOIjpP3WQpX$V$JB2UylY!}I-
zb;G`9|8mfA#d>r9QKrpzbWvl08(KbhWSh~EiQyyWNu^%D69u`iT*!yHVh#`~n8lY*
z$ooG<X-j0G_Jw;DfQ-p`Lxn>O6V_N#S~e;aFhI-M=`qc4b4Lb30*eGyy87BBvf}Q_
zz-KWd>q-Y5Aj)c2c&dVb#)_l2CE`ujg}9O>lVUG^+%wlOkpmAO#OSd_kx~UwC&3O#
zMYCP0HB|%Dazavev;~ETG!}A?XdxnxtuBx|l&M4<jp1_}AqyD+DaPHz;%|%f#Kr3Y
z)8s+CD0v_q@<&G%_D0;3QO+~oE_9^T=(r<9JUIfgCM?}ygz&-}1y8<(kP_%EQlmM5
zA{Bslw3!3VVqc{J*jBgDqKoCaEQj)DWMnx5`2+4qm(b!QS9D)neN}PbCs(?|2*Ks(
zS{#|eOz+I~nHMZh6!Am1kHDl?$BFTvG4Lh2Bir=zXfDcB>+V2mRF4(lw&IQw=qO3z
zEw~~_?MfeCI6k?qc&{b!jS>N@c8qO}nDg6>+c4+))W8yxVsG%A%kzx<VV$FE$oAa<
z;|Xm?39>I(J!l`}#z$X9c<ziX@I!$|6CMiO#=#pKCRy;(>WT7M>CRQ4JB(0iaUV0A
zf_bxT2_)M}ItHp*yTVC!EWj}@4TcDX>iRSy)G(ORv$?&7gV*k<joX6nWcz}p4_nqJ
z*aJz1zl8OR&dv0tSgDGFHof6&a!n<1Y_I9CO_ZV<a%hX`bwL8o^fNBAi?s1t?SyxO
z(+iR12AmXoXL?c~+Ua!qkeK2kJyDx@_E)kgRpEfq)9<McAI55?B6b-i1<>b&a;dIa
zTj>5O92sAas0?v3WF)n@p*X`XQ}z2`21b|*f2|5!mFgXB>m%o=bhO%^m<}TZmsUn3
zQ%dYJcyxS%NrBjze<M$%fmZNzi0;PPHxr$%>5KT?<?BS|M+*`4Kzed!Bog|tO|2S-
zuIqMADl63H;;D`y2}B+^UMfFUq@q2UE0+;3Qv#Z@MyA6EN#3Kz@7fsgn}a9hA-7?k
z8Hm4iXMG-fD7mbXzWMYpwDnIY?mSEMIfKVMtE0^pKv&bj9pLQQ2BUN$0r5tO*w#qG
zIZ9{do-cwqyLV>)>b|luPQM%%2d&<Xi{+g=Ev#Wt823K#P9rB1^1=X6D=M(sK&}hb
z+*`@lv9MvBo)VB<xDF$1p(JGJ;4l`CyFH63IN9&aK#N5pwf+2Zkm~hAt!SgufGoao
z=Al;s<}_jrJ2_UIgj%$D$D8zWqjjaL73Ay9ID5`0Oq<Z#9~lyzh6Qi$cwe0qd%@c!
zf)dSs<PZ9;?Ad$2j#Wpg*bs7^Te?lQI#*}9T`SJrIkKw<Owlm#=rcW?Dl1cWk6Q&p
z_La2;IgRC&uA#Ex&V~sTwOK0tw?I7?K&eJf*Na{KIr6iv4-xPNv<dwqYWz*GM$01v
z;~s?XFv8mZZ+(OSzQYI~pMdW$!bd1zJB;vA3v$l;;}_%F>(PJw_y28dypXRa(mMK_
z&WLd%<m-vBU9TiIH+;|a?@HnuI=!A46P4LL*sd2V;|e$PADitxPG`{MdheRXF|nh+
z>5QCxgFxi?6MOZa`jM~$w(C{hNb_ZR-u{DNYw>$+I?{X@x3?Ako_Ve-!5rAGSJ)%X
zjg>jDT`%HaM){uj-$nci$w|Dd*+7~v<Ms;4Q)9uM>r#Y&u8;)WxvqBj)pdQ)93mdh
zG~4#S(`NfwZ{-%S4_0iL2%cT5W1M3=Lt~lP0|vnD1)thsjN9;kS?AUnGD<ODPlW9q
zQv{r;i-EQKrrjv!>xr<vW9@)3ZvFmLty^bn-s}E`<`^q5=Dz}dxz??-wQ#sR##Euq
zrE1I@I!K-UDxh{GO2CN##@Kp82X1%DA&jlIBwmUM5#}<tt}ThJm=Iwu#IxSmf!kM9
z`E|EfKygY_xf;_l@9P@Z%5&yWp6L*^B@t9kXuc-G85E~$4xm=2uWR^2_?$6+^H<;U
z2bss1DutQ*Z<P5RqE&^hN$kazPpOQL%_I9tI(_d(sjRlwBBlELY+^pf|MBJyo8W?;
z8czOoBk*3nH-j9wIj={m&%#EYHlnpBaT2@Er!;f_jUP=6GybbLci{E~E3Y*9n`8ba
z@tbe#fbQLTOQo5IZ;bip#BSbNlz1tgdnvUE<r_YlcwP+IrbI1XbDAqlsNRIZe`4&}
zFZ?IZ9u;pHs)8i<LJjA%(OPQ-Oyiw0xhu$APd^5Ju+F;=RlO>MmUj2yPOMVfwsb{-
zjp4-_Ci-AnGp77X`QzB}(!EeZ*-43MKUSo?v(r>D9y6KN{VSn7Y2;UeRfpbP#TJDX
z-{+w)b|7~OFtAEh1SiV$Ou&cx-bSneR`#2m$<ogm_9<#SXB3`JpG*Uf6$3ZyG`Frz
z2?s1tm78%F9(d;Mu>-YkGq@UZ6kx>O!IVts(g9OQ9TI6W2jUv37_%)r4a1~r@QjFJ
zP4zM}AEP^hWQ<j*fz({XjiOfDjUUmq#X<wniyiCR)Y=EM?W<7-&U&6*RU7yb!bi_8
zP-t`q<DkzO^eNggBxGW}dd|QNJ1^;cg9mh<p(-DOQTYbUO*nS!GAHfXslkldv?Q29
z>hrO%Fm~{Toi|}ohXf3W+NbK4HO0$Jn}x+Pn#*scN5`6_sX9-Lf*9D^4+AzPoS(1{
z+!&9}pT4as89En1=Uzw&z;gyv?k4$!Z|xu&c3w5wszjsE0@TGw##Shb6;F(}o*Oc$
zdT`scFZ7TW<ozg)1szLvhB!AJE<{m!)&n3Yocf6&agLXijkDrF^MZ^+H3)R=575wb
z9@u>Ztdvy1Aj%7c96ip+gcOs}d&B~$a#k|<*m{IU)w=PY+m)zA&l{@Jo8yeL$GBkw
zmy>s8Trox0!y>9s^7As$jO-S2=4P5$P`b$AzJM(?-#*7XxrSx1p7FbqX|iBb%CkxV
zd^0?hlc7Y_6QPal&ma4K87Z@+l#EeXOAJ7@RF%pueLoobZpbXe$fP&HjeYIK(0=G&
z3GT@imiem{p*kUzm9i)6%~j2PpZ8@kSIUi@4BuNRy(OMagK6NsGSb!_uAJAtlJc}s
zt0-4ugA`)nX5JpXwR#~1wB#1`l5-B^l=c=BW)B`1K!T<uA@9_T0JxDD+xIr}f89<D
z$3ZcqH6xoDsnF^j3tccHFs@v9M}JlrWEsXre9sM4PD{%4$<Z<m;N1$7MeSpCj_x6|
zgdrGap^M@KYJG+mW)!HNuq<j<=?CSTX9hszduGhn7G@L@E*|iekCBdz4fNfb_kZZG
zzR3f+&!`opBRrIW1DSbyOPI;+-k!K9<|nnA&I6g-_8UEzA4kTEIu>SFZT1Az=6PAU
z3vVF!1D<QR^l0}d@zF6(K%&{W(Uf`;U9#)rOf%kTe`b{jv79M->WPu71|&@817#O$
zu27>K_{N%@o5mQ7tWrjHY9g909HU$blpUW8Z;9L|!TPR|{1$NrYumEKRy3+Agg+4q
z4V|Bd+#)42@{ERr=4IzJIb#zAz@xdec81LyDz#X_6Du$|G*ejF%t$l^oYvjRFd64y
zTt)g(+xplHeA|YRpJ~xFoOe_(vkg@P5>^@S6dRB%R<YmDY&6I6laYa%4jB^IqV$=c
zW*MY%?^&PJQzBJnXdg}EN=W_q%^uj@Q8gK;5(6X8Grg5h2^Hu~{@ELsqtnFmQ|OR(
zU3yli5J@aQD4Pc|zHuy4IGH0i$*M?3U}sDxaDq_=@pwM3_+A-M*h*q77y~csg&Y6>
zArekTcOw)nk}Ot<qNlD>^IlAf<ukaElOLb}^Gq6^#Z~~#denc_wnQn;p423fK0?nD
zDy)1UU_LQn6hqRY%0O+{QX(eS=W!R)93=E#+A}`L$9;ccZ7y~=5)(#XKGS;8X+x4K
zYXO}?_kG8tFU*W1A)_z?CID^{#{g#QsXa*%N^U*jb}oFO6#frr_LXEppwe+ERslZ<
zXvyg(4R}wUvVV?^=eG#|zikO_#92k5hjw#hcrvb^h&0Sh&YjE*8)r4Rt#lJAO0y%A
zfRCIcq0k56o_0c}$6=^gf~Ekb+QCV6XeszTagi14F|)uM<unamKmei+mT*RHgi)@Q
z`(6keKEpAc)0Z@p+<@XH1)EJ6CyJhr^^mhf1`bZ;>blschV%2ptANwGL=9Y%zpIP+
zUq}qo45tpMRl>Ulu+Ds(;Reh?CAy$Qt<wSELfYk8H5*BQq73@LQ%20P#A&c&r8M{q
zz}U#sDG>Vhgeh*-wUSMV0`H)mx@3=@suY9CqDF^W^nvEP6(!16RgT&r*_VjWxYN(-
z_9e<noK+U;F41L*MKtsF_-Z*y?O-yw1Yns=L3K7iFtZ-Xj=kRm(2)gw;9?YsVadiC
zmGOkHd@iW6R>LIb51!b$S&}?d=^nM~EAp)ep$2dVg?tvBxe>TsSQ>Zog8pU?^iC>_
z>CPl=2I4QoW24CwJGoI^FFji*p-4#0Wnx^703wQBSxVpD5Ou2>G(_VWv7>LXIl+Y5
z^%bRUtOI05Ap%lzm5uv>qjA?;n5coo3R8mNpIB8&ppNae(Tw09Q+-ew(R!-<b-jOJ
zNrM-1JAd4lC;dMxrQ2T31LjSG_Qp?oZvD;G@ps-QnhOzmxykk{T<;%M1C2~`sTi7e
z@`B#RL@83M3OyaHNUnxkfz7-<AXv~hf%|haQy}}fs;lJY=gQ5R@Ro_F62%)evVSb_
z11TMZ#>KG3&D6)Jc_VPM#Hu3Qxi56)Fy<=ZwKN2@D9AR9#KR6WO*^-Xf5QiSCsoFo
z+u6X~tROBx=P2^A!FNmG-BOjcF3g!(eBpAHO^Cr(`Q60ThWCIHmRf0_qDH+N(ry1-
z^_^CF+AU@G#1!qI8b`uH6-_5fioj^!O;X!NG3tsBG)+78)o%jm^cDqtCwD5-8(xY5
zS#ck}+3u@i^@aj9gE=aNsds~yc&&Rn-sh?o*Q)2n(E-lMRUc|&KQT%WWWJcZfK^zT
z_fTydBjH1oiqo*r<};>!28^p-twxekePrMeHU{K5OV>BQku>!>IlV>kiz`+kc+c9e
zRTQp`wq&!KcwZuZa6qo9&J=H}ot}4H76YW-a8i&#eQxhz2a(aUWMtYLY9gB}xt3yO
zeT1uk8|=Q3GNy@Z0@g;4UGu`{HM10iIlHPMN-e+#^WhooVimHw!=~|bNYN<PdOh(q
z_U7w}N)_9zSD8!T8O&p=KxW<^)tW-;ZN-6S(}kRj_hej#Zm>Bca`Xm;oZEXZ`c-e_
ziXptCpgcKRKksVdBmWjAMbCyM7Av5id5<I8j%zE*n7B{z;%=>2h{OYL+Xr04W-rx7
z=+;Ni$Icci-t^(_;A6?JszgoWKQ*I&vfjz*^~Be6e<I}TiQv8LQ?FIVedM_W?#<LI
zL9HO{$ojomZtA3&R<kgk%fuZs-UstQ>{ezES}*!nw~FZjeB^>dU0pcOtlG&NK<}(3
z!whgDEX2;J!^D{8X1+B^ZIl}{lGn{o&VD|4!>s{diQ9DbK*xwS$IbXXK6@Hlo%*Fp
zqkj9J*DZf{IvdP+LB!ccQIK|qbj;y>`@5O9M^p{hF+L9T@pt%aikpwCDi>2RKc+<3
z!1A?E_-v1qeYm&vE>-&3JkF%TK{ie{-V7;fqc`iBm`<ne&e`x4kT+Y0F3>p6E$nAT
z#sO_$qUXb3Tr=HA>b=;@fb*%Ub5*P!7~}Me3)hjp;lO%4l*@B#(r<s?H6m#qE$|=1
zN>c*rFF<wH6=vgk<Zc>BDWfKC13!fJXpRA`{W=ixt0Y#|?0D8YjfSq<i9+^u03LVX
zr&NLT1JZ}P7K0G0mvJ!1wA&NCf8cJS=2v17e6CVvqI^C(g%3Ztcp5xefQI*kY<-Z%
z$pd8@%S~d$FCR{)FMD8~*Tlr+J2mCE+nXpwGNo~e=i*^U!(v;m^9xdfq*ui)v-r5b
z^Lth*7XATre2xx)JwDh^PKx4}kK`_+Mz$?kGz+`_SJ~%xovm^uvv`?1kpiDQVIh1N
zw*Hi@CIquU@fZcu0`U_W^l3y#U;P|$Y>Dkna04hS3%3E?;h#<3N4j0FzHknak3b2M
zK^NDH`z<89&*)4vRByyBotw-7aQ@Y2R|nvPd&|XDfxL}R4)qasF#Zx2S~J$AD}Y0}
z1)60d;SPbYK0xD)Q80-SKRdv{wi%Z{c5nVb@C&zU(-VJ<jnBM2N0<42NB`A4orV7+
zA*@x#70YND9gDGzOjU|k!><5Gv4=q0ExdCz<I0jlMc|I8@&a)gU#(8mN66UP&xP9q
z7i$j>I4OmaI`oc&2|IN)0vRW~W4$}BOQryq$2a7+->_f{Gi4Z3CH2_HvR+CXH1qaW
z+ebr^s&sURN%0>yd&{_b@7Mi>SC;6c4){}QuPmdVi8-Z*;EG+t9P*jixUXYw@6pyP
z7_RKAG1U=SIXiwj>ggz3N&&0vHa?2?_RU-a{M6+e-?5+Ddv^x!#dC=7BWWMD*-`7A
zr&#XfdJ(^y=jcqSy$kTEy!X+tq<x9}N;b^q_lns71D_l5$lrIZPSjNrKgn7U?umL$
z)++%ai&9j}s>D*O&anuje%8nt)ez%|Y}|~?-)MKD6b<i}B!q9eUI!)7Z|zw3J2m9;
z%?q}0;-!kh^jmX0I1U8Yp9uGYhF|{j8y9?G)+|v>nd%x_vgbn%RDb{51Aa+7a@!NU
z1tv=qPsSv+r>g8eKn_G9-oH`H;lKQ`YXw3P@5s#(^ao#;_LphutZ`_9<)CmSx(D?9
zI=FnZNAE-M6@G6A=fGrn5`V_tRuK*gmTGLuYv8guTW93-dg5@2<BcUr1$=)q>JQCh
z693%Jc^zCfY3qy?S$mITINmrdIfi7Pin)hoZ4%~q9b7hQ>x>vdTrXD`Z}dKKxh$3R
za!=H2T+!`etPG@taqr#XN&S#grJI{y2S0Dr))_kI6#>T^EhEA3$L=E@rCD2N%15xk
zIqF1$n<4cmZwf*3nTOvY!)C-EyVfX5aZ>G2;V`K0-`*U8<c$Ueno3WVf@+bX%qu*&
z*a`nF;?lKA!JUZpc#!5d+NIzI4U+toUoiMzu4M`*QaL0@^9#4ODR?WgG5Zj={n))}
z1j=urHTnE3^`B^;f)BthDLV|1{f29yf*U}D0J1;uziXu;SmST-XQ}(NQ^AjYg$$a0
z*)O}6D!74qpkd<ifGlTxgobIghGYl{qPMCId}o$G8A5{St!yy&n+yjgtq2y<G4@J<
zwt|bw(Cb`+9{q?bcnj&6d5;?zlUJ0viTA$oOhN_7JXV70mkH**FH1HsUV`a2wehCh
z0=O$8S_12rIht|qK_w!Kas!m~R%YEo&Qum0a+7ZS0t$i7f*nBBnQmTJ03#Dx@Ew5N
z8SWKYa0?-Bg6JJE<Le8M^_Gb(_#PaMc(`YBi*f^w20Y~c+yJlF6Cu6h;ApBtEY?};
z^~6Tpu>ywmg9S&^9@H$IA(M;o{C<vA_yyy7Jd*&AMmyLDD^#*{Moq5web3MyT?LNj
zIn3r-M#<9IaLz1Jz@vE%^Yw5r%OZRSkES}*OnSjBJeujyGB)8I!_FAjmmmq~gm(<K
zGsI0Pv~a*D%wwo(Gu#k#I3N{{aWa$K(WRB-UOEv57hqZN*6{WP+#f4=tz;P7SyQ~m
zu$LUfM2Nv-Zid(BdN7Pkioqd=O_*T&d0-S}yW73O{KHv6BWuE6RuKDHgNmgyXk3K7
zxWM@>wD!J&O&D2U;Sl%pb-#S-K8N*#)9Z;P=Ffn`*2Y!MRuI|jIaafDMozCMg8mFR
zs-rioYO1)~K)Uz!M6AC>L#yRrwcK$u=Ahr-<UspdG_k9_tYr2{GnluPaTSjH3bx^y
zI)m@5VHK__X>ADf860wxDs&QQ9+*Uf%ZV23<S!V_>Z+t_L>kNoneb#TJFp~CJ2BH~
zaA+!cXpE$Al-)Fjz@!??Z6z6w!9b>xuMK}e{2P-bs?B0-W#v-r1@~K;%5|Lj2vV92
z4lm7Q#5I*%O18m#$mJ397_$dv$_)<dN**zPF}be|;tl4oH;9qbrjn*|%xDbwUnxQ)
z7`wWvB;*}44F_{OiI_e=94?c`Z0i}Bf&bf(4~<DP?YpLm7DHrgg%iCgQy(X`qiwcB
zW$b|yk<^Wsz}HO`F^0@o4JWGGlQ&qBqN$?B&>6enL{x#HlGrFe;x-G+lpW0Bc^y^;
zYzM6{y*pOKqsb8*TVOsMkq$HOyeX=sD*HI%5B6~5nMpjD-FiYqvzhb8XBl8OnvZZY
z59TmYk34LSr=6K$R~)Cdm&{-rxv>{6KEno-+N5kj@vc5@Y&C=A%1!>!2tJtoVW?&s
zY;$Zovtcgm3OMa7M|&VSmclJf1m`e(+}vhuT{yQ3Vd=k@<3k9}6-ApJn~$gLor?s+
zu^(EPsliT5K03~I&*6sFxp9(ASAa$a!puD0Tw8-=cgjg5qGM5nGeC>%^^N1nfT*-k
zu?nMg@h3L!vcc5ozR8NYY21pMr897H-+P((JAT_37ky(=$gk&3SIyEHF<x)(8@nV+
z<EpLcFlY1YtD9n+!@82yES)ivyZ3xDso4SvKf2<ky}BNTH+gR5T~$yVOqUH31`UBh
zGq?tV4Z$4}EV#o*7#xC!KyU^R7Tf~CEf7M0AVFpZcXwxShru0Y`Tnha*vEa|hwkdS
zU0wIys_vK5=iHly_T~4MA~Y~KP#YbrCZ>3lxP>(Qd39mBBE1zbgue59xNHl!fqMuf
z>g0EM0Ojr^mESxzx^uBQV<aK^T(~dpvVG>mWQPTK{Jg}1n`>R(&Of}m+qxUR&Or~M
zAy;vab0!*olyfzFjV#|feDZX<CIPvArv0FBWaLtl@MhW6LW0C=PKk)C;~N0K6pX?$
zw)zC77^dRcVM?R0cqBJgGtl+qC!I#cu`(CnbCB#&%bwXy4~;`Rje|B}Vgb|>a`|<u
zl9#fQU7t5g#+_##0oo7)AZ$Sh_I3GSaL9oKvW>SCal{|IMb!6-WJ#7D!s6As4>N_*
zDPBDA@y;e?)2tvfRW2SF2bYlKgAf|dKm$Hl=Ca+X;d|=j%fBwGJxeIcw-=Dt0uaRw
z0DD^PQ?u<zA-5mNj3nM*uapmQU{M`5!x;hU3TCgOHW)xQEHh65qe4j9CAGI{pBtUM
zd_c0Kbo4A?nJAHt6%)c5xfM2_-j|-?-gWClGkYr+wqGhfexor^ga6pM?z_=P&J8{1
zPZ%ZnL+ovOBUT@oy#yTM^5KiDYP~RE8v*veZu(%hp_d9r5^WB@YhaPf+>J*UxWlgo
zd}Y0mT?ue>S0cQ^Vt6TFXb*LBX$ZBm>jmj<Zea5^B_7#huup%JviJLlz$@^YIC~rm
zrlMY2A4&BrsLd?-AYn&zMKR<n)&ef!M|ERe89-P8qqnun`|x;W(4KMQ^1Wp0zPwQk
zuFF&cB`)L#0Sax}?Yi{<N~ym5H<{Yi*|IcqN#P>ElwWq5becr#cakNX6-KARlzan`
zu_qeeRlDBwsm-=Ew3}B-XunxcQn8abFL|2%z6(<J*-<pn^xMxudO>3PkZB-n3=^g`
zOjJx*$Es6slB$ZvU5f7YdKFChm^1#06W)@#^%ByucWKM*G2OM^?6Kw@Q&Q;$l%9$S
z+WKQzZxng)ZxO<0kjrk9Lx(30OkUBAuoCtPS+Aulm_aD}%-u@h5ricB*CRI{Vhn`w
zl5+btYa7a+X%tuRG*wivekMI&a(XOywbl!{YX)se`8shBZoJ#s>>oVJMXW4nci+y%
z;G*6hNwgAhg#LXFTYQe2&F-avU7?lg$>8PisN8OSHEpvcA3QDhc%KA!LM{s)>sI?>
zweGQnQVtH45p~^~a?Re_2U%6n<`DOqu20#c$sgPv9-mJD`aTXlb+^@wKF+xSmx=2H
z#O@B|N%Iypx=rTjEgIR@8~Q<iJSiV@-fAG*_7m+~yl@0BsFQE%PdH_o*0FlEpb`&x
zo&Ch*B4hTn`VOSx=Ec_JSDRzdSE%NHDW&KP^xdWO!zuF7(<Ku9KX!U_`SqjoHR;=b
zL-=1CPIuk^F$JKf|2wY#FjLVFF8|sIqEAnG*faZ^ZlpBKL)sFyczWv>J@7yz*^?~0
zvCwf0{iOPS<9Vx=X`a%L-wCoqof<!ZxUxe{#@3&G=b_`Uo)>8uc0Uj@r14Y5Uvw>K
zkyR01+>EOJq}^yDgtMHaKW!oe*cX292p+v6SmyhlEsWjd;dJ20v8zOnRjKNesbO>+
z9wyRE?>0>q>%csL(kUMPIh%@sxNug$u<p16EJDs0dN(vnOTm-#lFFvlY@{^r14vIE
zkRn=tQJ+vb>H6#X0mNz3yjm5L_wOsupY0~eZ_no4lFsBp<!vK<;G!gx6kKK3fkn6c
zh7nB!!IBMey^XI2<w$}G6wSti5JXw<KVx_g3LKwTatWy&@0D&vdpie5Wi>tY71G?o
zJ&`EIelZh{7k}wzw(wAhaQ)ApMk`4m`<P?nSzp8I%XeQ2x?6Qk`LR~l?(5jd?X75n
zlnd)pJspo(giWZ-OGAk<vRVGtHmtq+F-x!@s(4TFb8BQSRxkar4bArYHx?5oH2`G9
zmr|31fzFBvuNFW9r^jr=KBsruS>8+dN6X*;J{hzWs^jkSn_W@fSp{Gkr>nShz&b~8
zM)u$=fY!>X`D2N<LXjL6MoE1Qn(%9{O3Av$2ZNOa4$|<59|fwx^x_WIKi+9`K7<7x
zwB%UJwS&s{C1j6EU^?QF8iK_XXS=v5DIOmD*ac-AS3t@rFmru5ZxK8j$n!mArMzf2
zNQmlpkv!c8*F(a9wTxw-mXEKtRqU#MfC48Mc<?z+%d;EmW?sKIsatX=ymH;o!y*6D
zzk1&|1Z~8PiP>7+`i_|Tsuq3O@80m^29t_s+H~HBoHq}icwF6jUhR5L<|<V?Sl)HF
zKof0Z!oE)n4;VVM8<_6yBzbM(-)xH$Jh*8&eFvw7*J>qZDJXHYH=X*G-h`loQZbW>
zznq-QIR;qyivKWr56bK%K`MjCou~n+#g%`^zVb;UJ*unP7S=`gFY6p|kLA9G&dey1
z-~uKz+oWcr>?zv3b{E1X<0}Pc8My|s%|KJK5xA(i@B^8&5bLif=t)JamlfIVY=$^R
zW4~Z1s^ANbAN74(kQ8FOtL8$FLw^OYa{XDnEuucjHy9hd*8STlde=>{^UB%$d+!I;
z`4>$g;uK=`{4@CKf_p(yY+pN`<h$tk4QZ_Kz!hW$O#q(9-V*w(7Mplh;uS$(ChYsw
ze%;JrSXgWPdeV^ZD^zs*lt(5fKPzb_H>drKR6Xun;nt~MMnzT+7qe~r0gTQ{wr?r2
zMVrc1ap7%kn`hg_6)cX!J8UiNh+K%@aa|xSBbiZbWu?2NCi*^!hq+@LcKG%SZgQV0
zN~B!6Vrkz(wzXo<@dd8$>P#jwa<&iobeBqVhkd^g$A-m1jM6%CS-f8ExZfl($dCN#
zhinPJ4d349pKKc5c~jhikyUDV4Wo3s&!7Dxlr5r_l*eGPiM@>Gh}4GUN)m%_d=|n#
zyDWKoe}!tGp`*=HoE||ZBN{V#;i>pM`j|Op-pXTd8@Ia!_?0x>bfzg?`_ctf-l;I;
z|4_Y(<+Jtm3}lwD!Bk=4j3guBG-g-#X3E*`7WgDHvVYZIFA<b(sD)&oOiDp7HjKPK
zd=iHVZU@SeNHbdZD?e*YZDbnmf*MMF_u8hKtsUUOZmZ`GM;AyfVx+QwUfZ%u%Cn6!
zZ#Zeo<i5yQ?GM)o%xyJt|3<JIpNPezH@CT&G=Yit!eQu4{7sa?nFwEN8#_@lJ}~Ct
zQtIJNGyFkUW=D1$P8k{-b8jJB14hRy#b$jN@%L$Z=0bH>5|q=Co3&O>MSB;id$`&|
zDhrmb0&>+;uQx8um(Nb2%~~}PQd;k}$&5LTX$cBnpDN~#3}IKq3<!iv0J>=yR9cDt
z;R*u@+F?eeC=IJ#^bPQH6fpm@iWOW*`6s6XLot|_6m*A$>TdNH_W#6xq+8~a9L(D0
z$QZ^S1#c`B0T*JEm}c^WwRhk-=jmAWJ28^?7(Q>(`Us85#Q@ugEu_X)P)czEAmbq{
zya6TglEf}JGCQqA_VRY@XfTBEZIuDeU9qr)GcDgQ7Oh|6z6;QeTbCLIYfKyeNuxyW
zUsxNh<zl+ut`uyndubJU7oJ+tHAbe0bD42f1jkNfr62$!&<#L^%M|NHeHFE6!Ad9L
z$1fi+CDoX8tg}%zfA)hmx%GvrZ!rS}8iTlG@trLX>jB!4uABbeTUn(%^;F_fE3;9Q
z8n2flc&M4A5;laFmoGzAgNvALdS-J;Ih2@pnI)P2#=E)&T3Z%B&Gbs$e0Q80@14M}
z{@#RNPT&ts{2IuFsp&&67Q+7&rVx9ip~>!rfbkm)Ozb*#Fq<_Yz#--@p8<J4Fj<&U
zdj`i-mQ3k!lKZTm1y--HdX580=VfLs7ZWQto?mEE$%3lj$47+sgC*tA*M0`QC#i|N
zL`~nnof-orh&`j|A~Ulwcp;f63Z9ZX%&DlM#}metY^i6@k7GIq(o}E^So9+Km~2nz
zUaT@A=}{dCZtW6(q`8hDMkBf(MX{6e*tGtJ)Yw;PJRcngoike%t=fC&Zs(OiOvyR(
zkls4GD2kzZ)5C74%cio}4-Gj*0}5H6s#1!;dOk_InNRMYf*d@6!X~WejmlwW8a=Ud
zS}6?IRll%+ieT!Myf?_nG)lZLEc;&*tiU0v-5Ikd`1FYO0c)E%wy_Uy+To{DFKBBE
zcHiiz>DQ9^)iDW<gV$Ii#@>rqBn<#d`6U}4o>2|a@tC8?B!9bOp|YlZn_cYvWEr&u
zjap+!Oh*QebSaZsR9?F#a$%|sg=T6Irf=qvyA)4#s2g#@{S>xHdOS_EGo3+Ce?Jk7
zy(+Zj%QHF-3Fm3$9Ml$Js^Tnp&25iaAkqbdN)*m^VAl+Hm?8FlvUY6vP>a4&3>suI
zsUKV&+AV;B3pSg=c^yYh$dgC?wx~HMs8bF*v{<eSws%+sPMQu2&+^RA<;GCO@H24@
z&!8j;u7nQ&C$^nHm!TFVkGA=%OjlaZ#m>AwnHe9kjsA9RL#C=CiQt|jl`$OFui|ua
zSaPR}AzDJdmrw79bq$$VnRq%LJb5!Q7mdgl7$utXk%e+H+j@c@-9)x$(r~ktcG*bP
z78*}|O2r6|W|L`OJoiz>ull}2!&F8Xw6uSow&fHw`zzPja;H>p{7~7P(E-FCn6XrH
z_FWej5SF7%k46PHdx0<e2^#dAiHGfQT=3cs>0arSmN?gTL`<bOS!dIRuO2v$oc&C0
zQVx5rv1-qMS|wDUnJ7h<r?P*zuK%*8283uihn3`+G{=$b&@man_cD*`3T|Rq2<ku&
za>2+moYPaLl2{!{ydKdJot^^A$i-f2np#T8^H7{&u9|mz%TQ4w{!tW6z$PAr`HD?k
zY-Yvnx4Kh8!x&NgRvV40;D#fugVH;*7e_lu`9Bt&=Q(9%iuQ3+0vMCO<lV%k39N1$
z)OD^eVtVEkaoPH-_Te>cQag}i*lf{DQ0M;K_w0g9V~3!;zcL`bZFPgo4o_H~uwRN)
z|MP50wDlpvMVV&bQ03rlm?&N}@3IwT+!u+B#HhD&T!DU+xEZ7yFP@vWw-euGc+;1f
zXOR~_9q6n2nnSwwj#tuL+3;-HDukVja8RY{0}&#G<u@*?gb`C<WY#-r82Rt&mYP6e
zTsRF@UdN44%PF%OA$|Ea&yD$H{x>TsQa?&IAgSU>rU_{UE=R3H{};#{{d(9JT@C!h
zUv+8BNjHC;wh6U@bW(u4*d8K?@2`UM>_^Kc>Q$`I4!2^=Llq+Gm2y+-pTDT1RbhBp
zXF&eMr3iH9V<nHaw0Ikdw08C=ll`Ts>jACYk4T~}rSMnN&Rj&?w+0j@v*T5PyCf9Z
z$|`d$9*k+a5Ecnp!n#t0l-QOemd_277~*<+BMqq5TDY87Ra0<%7hHg&VqlA4wgZV1
zOPArsXAJp@WXIRB<^7JN%AWlWA^_2g-jOAH5T)}2+iL4mFKJ29t|sa_qvFS|Dw;T9
zVA!^qm+*CZl_aLbCFYnRCx0)~zBzIp4NOdzya<=6kf-c`7)CQFpv$0Hn$bn9O^5v)
zAQ|xW(AaY9`sXkPCDlr9M-m?h_N3?DwK4^1)XH>6P&pTP3XXg5Cu+`UQyRO4Or@t<
zmLhl}QrZk{yvA#n>PSPx1N0{fH;$Lm`1W~)U$(P3NhKOs0YK2leK95#2NvIn!w3c^
zFvWngjV@s^>#COPYZ4~=oXbMjp7tj(7!L|Lk^z$MHd@|Ah)|ges`Qcq_0CrTzvTpR
zY~LDuh&-e_f`>JzxMTBQq%5l|)tibETDIwTyS*GsmWpfyDya0$b1cwthP~O~z)TUR
z?>;`tNW{kFE^u{a3Ejvl5n&Mg@=W*0;;l`7UwFThOXsD!oU*sYcDZ0<KW9ybenG>h
zjdc!V6Ev|~?kl=QX9Lgl-$|9xdG6;|cYdd~N9BP*Qom}?uQ?sRmh?^tTe`yoxkn}0
z)d!F@xRBu2YmQ#*eZ0W|WQ{`5Z#X+7$V~DI5cY9y`O}v?xltIZ#ng%%a`TV^(1QIx
zDNJ`vjfN*&<*#Y<^5xuS7^8KqMhw88HZQapi}?GR*WlW7VdBc7(X`CPZMY7Kj7SVF
zf=)hliG*?Pj|T0z2}(sjF(CTN^I3&g@O<O~#4C&)vC#UN-P$)Dpq?qSLjmg@HBg#K
z8t(F94dX@hkkQp~C8g$Ch->k)?ffA06^tX5ool0ZBJMGw-zajb7$tHR4fi7n7M1GH
zt;Tk~&~ub5Uk?#;M|U7DshnDu1r-KwA`U!l`<JXXbNd%a0yfNJ0E#-=n)jgE54A#t
zAwoDdsB4+IPT>0=5k~m?z1~D8e?(cG0C9;<Z*B=E6?N}6q>0a>YR+`_L+=d|I7q3J
z*#w#X^x9cE_dB>_84Zt5eUl*)Cf>g0`$9YEY6*Ro|6*#V6%QJPVKbn(j*F7)!4p){
z75meBuA$V1upTayQ&p?%mfx1`hZY?4Qkh5c{pm|M_w%<jUw4m6zV$B+Su~PC*9Z2k
ziX`ioewdZFjeq@`jM&M?R_CXkUX6{&LC?#2qWf<No@Gcy)>&BBOCM9@qLS-QX(Tf?
zeU%;nvMpoJv2N_aX<imgZZYc5JRrqpKoraE%|`z2?7f}m`+NSph4+&a>Q?Jmiy{D8
z&N0)iKzwNNF=`$GnZntcNK8enD4LNLB}O)aR}qB|)vey~sK;W284;uWOV4s#BCgT{
z{Iw|mAsE^VvJl4SG(K$)e?#dl(#=r7B<ZdmwnEdY6OB3%8k!!-Eoa`Kbby8WzTG*H
zUT7@hDCMT!v$oaSZVafUqD0-3a^v1YA<`9#V!UkmUR=WP#R{lqnKNPk&Gkpit4!$%
zEKhVYVO0Md@=pH2OGn4}PnoP$c0hFr?Ewi@x<V3nGvgT;?xazi-j|m+?gAhlN*s~(
zNw8lyalvu=+o?L`Icmw<h{VPx1{g2B8ZDH2GFu6Po||^6NwWSp&@yemcTtXu6(5SI
ztXNSV7Kh#=VF<7Ts3nd(08O+!&abg1A3&acJ={7#jV8j<VQz8UmVTRatqturi^KxP
z7z9|rI)oSQgfZu?)Jdy3p6@t6ARy5BT!RYQ1nXUfiVCMZ>5}P0O%BEB3@<`~c$*T-
z^2ob2eO^mxy5D;s!&9dDNBr`?@r_3)Bmgb^u-1$Qp^yJ(`3R%@2TS>XI6W%X{?Ez(
Lt7~TV!hG^yC^+~N

literal 0
HcmV?d00001

diff --git a/pages/vpc/reference-content/understanding-nacls.mdx b/pages/vpc/reference-content/understanding-nacls.mdx
index 443d666fd9..89eff2a178 100644
--- a/pages/vpc/reference-content/understanding-nacls.mdx
+++ b/pages/vpc/reference-content/understanding-nacls.mdx
@@ -7,7 +7,7 @@ content:
   paragraph: Learn how to Network Access Control Lists (NACL) to filter inbound and outbound traffic between the different Private Networks of your VPC. Understand concepts, best practices, and key use cases.
 tags: vpc nacl network-access-control-list default-rule stateless inbound outbound port
 dates:
-  validation: 2025-03-26
+  validation: 2025-05-05
   posted: 2025-03-26
 categories:
   - network
diff --git a/pages/vpc/reference-content/understanding-routing.mdx b/pages/vpc/reference-content/understanding-routing.mdx
index 183cac3811..fa914e239a 100644
--- a/pages/vpc/reference-content/understanding-routing.mdx
+++ b/pages/vpc/reference-content/understanding-routing.mdx
@@ -103,7 +103,7 @@ If you create a custom route with a destination of `0.0.0.0/0`, this custom rout
 
 Previously, Public Gateways could only advertise their default routes to the Private Networks to which they were directly attached. Resources on other Private Networks within the VPC could not access the public internet via these remote Public Gateways.
 
-With new routing behavior, this standard behavior remains unchanged. Default routes' scope is still, by default, limited to their directly attached Private Networks.
+With new routing behavior, this standard behavior remains unchanged. Default routes' scope is still, as standard, limited to their directly attached Private Networks.
 
 However, you now have an additional option to enable each Private Network to receive advertisements of **all** default routes throughout the entire VPC. This includes routes towards all Public Gateways advertising a default route, as well as any custom-created default routes. This allows resources on other Private Networks to find access to the public internet, even if they do not have their own attached gateway.
 
@@ -129,23 +129,34 @@ Your existing setup may be impacted by the new behavior if you want your custom
 
 ### Example use of NACLs to mitigate impact
 
-Imagine the following scenario:
+TODO CHECK THIS EXAMPLE
 
-Your VPN has three Private Networks using the following CIDR blocks: 
+#### Scenario 
+
+<Lightbox src="scaleway-vpc-new-routing-ex.webp" alt="A diagram shows the infrastructure described before" />
+
+Your VPC has three Private Networks using the following CIDR blocks: 
   - `backend-net`: `10.0.0.0/24`
   - `frontend-net` `10.0.1.0/24`
   - `monitoring-net`: `10.0.2.0/24`
 
 There is a custom route configured in your VPC, that routes all source traffic destined for `192.168.100.0/24` to the Instance `vpn-gateway-host` as next hop. This Instance hosts a VPN gateway, and is attached only to Private Network `monitoring-net`, with the private IP address `10.0.2.42/32`.
 
+#### Problem
+
 You want to prevent resources attached to `backend-net` and `frontend-net` from sending traffic to this VPN gateway, under new routing behavior where custom routes are advertised throughout the VPC. You want only resources attached to `monitoring-net` to be able to send traffic to the VPN gateway.
 
+#### Solution 1: NACL allow
+
 You could create two NACL rules to **Deny** traffic first from `10.0.0.0/24` (`backend-net`) and then from `10.0.0.1/24` (`frontend-net`) towards destination `10.0.2.42/32` (`vpn-gateway-host`). When combined with a default NACL rule to **Allow** all other traffic, this would effectively block resources on `backend-net`.
 
-Alternatively, and aligned with best practice, when the default NACL rule **Denies** all traffic not matched to a specifc rule, `backend-net` and `frontend-net` will already be blocked from sending traffic to `vpn-gateway-host` on `monitoring-net`. Since NACLs do not filter traffic between resources attached to the same Private Network, other resources on `monitoring-net` would still be able to successfully route traffic to `vpn-gateway-host`. 
+#### Solution 2: NACL deny
+
+Alternatively, and aligned with best practice, when the default NACL rule **Denies** all traffic not matched to a specific rule, `backend-net` and `frontend-net` will already be blocked from sending traffic to `vpn-gateway-host` on `monitoring-net`. Since NACLs do not filter traffic between resources attached to the same Private Network, other resources on `monitoring-net` would still be able to successfully route traffic to `vpn-gateway-host`. 
+
+#### Solution 3: Modify custom route
 
-TODO CHECK THIS example
--Would it be better to modify the custom route?
+Another alternative is to modify the custom route so that instead of applying to **all** source traffic, it applies only to traffic from within Private Network `monitoring-net`. Change the source IP range to `10.0.2.0/24` in the custom rule.
 
 ## Limitations
 

From c32ebb22ca3dcb00ceec97cdf8c3df42d64d44cc Mon Sep 17 00:00:00 2001
From: Rowena <rjones@scaleway.com>
Date: Wed, 7 May 2025 11:26:56 +0200
Subject: [PATCH 05/13] fix(nw): finish routing updates

---
 pages/vpc/concepts.mdx                                | 4 ++--
 pages/vpc/how-to/manage-routing.mdx                   | 4 ++--
 pages/vpc/reference-content/understanding-routing.mdx | 6 +++---
 3 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/pages/vpc/concepts.mdx b/pages/vpc/concepts.mdx
index 14a62801b2..80a5210ca2 100644
--- a/pages/vpc/concepts.mdx
+++ b/pages/vpc/concepts.mdx
@@ -114,9 +114,9 @@ Routing allows resources on Private Networks witin the same VPC to communicate w
 Each routed VPC has a [route table](#route-table) which is automatically populated with routes to each of its Private Networks. When you attach a Public Gateway to a Private Network, and tell it to advertise a default route to the internet, such routes are also added to the VPC's route table. You can also create your own [custom routes](/vpc/how-to/manage-routing/#how-to-create-a-custom-route), to route traffic towards defined destination IP ranges towards specific "next hop" resources.
 
 <Message type="note">
-If you have [updated](TODO) routing behavior on your VPC, or created a VPC since TODODATE, routing takes on the following characteristics:
+If you have [updated](/vpc/how-to/manage-routing/#how-to-update-routing-behavior) routing behavior on your VPC, or created a VPC since TODODATE, routing takes on the following characteristics:
 - Custom routes are advertised across the entire VPC, instead of only on the Private Network of the resource designated as next hop.
-- You can optionally [enable each Private Network in the VPC to receive default route advertisements](TODO) not only from their locally attached Public Gateways, but from other Public Gateways (or default custom routes) attached to different Private Networks throughout the whole VPC. 
+- You can optionally [enable each Private Network in the VPC to receive default route advertisements](/vpc/how-to/manage-routing/#how-to-manage-default-route-scope) not only from their locally attached Public Gateways, but from other Public Gateways (or default custom routes) attached to different Private Networks throughout the whole VPC. 
 </Message>
 
 Read more about how routing works in [our detailed guide](/vpc/reference-content/understanding-routing/).
diff --git a/pages/vpc/how-to/manage-routing.mdx b/pages/vpc/how-to/manage-routing.mdx
index fac85ae0f2..256d8fe0b9 100644
--- a/pages/vpc/how-to/manage-routing.mdx
+++ b/pages/vpc/how-to/manage-routing.mdx
@@ -46,7 +46,7 @@ If you created your VPC before TODODATE, you must manually update its routing be
 - Advertisement of custom routes across the entire VPC as standard.
 - Option to enable each Private Network in the VPC to receive default route advertisements not only from their locally attached Public Gateways, but from other Public Gateways (or default custom routes) attached to different Private Networks throughout the whole VPC. 
 
-For more information on these new routing behaviors, see our [detailed documentation](TODO).
+For more information on these new routing behaviors, see our [detailed documentation](/vpc/reference-content/understanding-routing/#updating-routing-behavior).
 
 Updating routing behavior is irreversible: once updated, you cannot revert. However, [Network ACLs](/vpc/reference-content/undestanding-nacls) are configurable via the API to let you finely control and restrict routes within your VPC as necessary.
 
@@ -98,7 +98,7 @@ Two types of auto-generated routes exist for VPCs:
 <Message type="note">
 By default, Public Gateways remain scoped to the Private Network(s) to which they are attached. They do not, as standard, advertise the default route on other Private Networks in the VPC. 
 
-However, each Private Network can opt in to receive default route advertisements from across the entire VPC, rather than only from locally attached gateways. This allows them to find a route to the internet even if there is no Public Gateway or default custom route on their own Private Network. See our [dedicated documentation](TODO) for full details. 
+However, each Private Network can opt in to receive default route advertisements from across the entire VPC, rather than only from locally attached gateways. This allows them to find a route to the internet even if there is no Public Gateway or default custom route on their own Private Network. See our [dedicated documentation](/vpc/reference-content/understanding-routing/#default-routes) for full details. 
 </Message>
 
 You cannot delete managed routes, as their lifecycle is fully managed by Scaleway. The route will be automatically deleted for you when you delete the Private Network or Public Gateway that it concerns.
diff --git a/pages/vpc/reference-content/understanding-routing.mdx b/pages/vpc/reference-content/understanding-routing.mdx
index fa914e239a..117adeb79f 100644
--- a/pages/vpc/reference-content/understanding-routing.mdx
+++ b/pages/vpc/reference-content/understanding-routing.mdx
@@ -59,7 +59,7 @@ Bear in mind the following when activating VPC routing:
 - Once activated on a given VPC, routing cannot be deactivated on that VPC.
 - When routing is activated, all Private Networks on the VPC can communicate.
 - Network ACLs, to finely control and filter traffic within a VPC, are in Public Beta and currently available via the [VPC API](/vpc/reference-content/understanding-nacls/) only. Alternatively, users may choose to configure NACLs directly on certain resources (e.g. Instances, Elastic Metal servers) using tools such as `iptables` or `nftables`.
-- The scope of route advertisements for custom routes and default routes to Public Gateways depends on when you created your VPC, and/or whether you have updated its routing behavior to the most recent version. [Read the full documentation below](TODO) for details.
+- The scope of route advertisements for custom routes and default routes to Public Gateways depends on when you created your VPC, and/or whether you have updated its routing behavior to the most recent version. [Read the full documentation below](#updating-routing-behavior) for details.
 
 ## Best practices
 
@@ -78,7 +78,7 @@ For example, you may use one Private Network for frontend resources and another
 From TODO DATE, new routing behavior is available for VPCs.
 
 - This routing behavior will be applied automatically to VPCs created after TODO DATE, or where routing is only activated after this date. 
-- Pre-existing VPCs must be [updated](TODO) to accept this new behavior
+- Pre-existing VPCs must be [updated](/vpc/how-to/manage-routing/#how-to-update-routing-behavior) to accept this new behavior
 
 |  | Old behavior | New behavior |
 |---|---|---|
@@ -117,7 +117,7 @@ If you wish to exercise more granular control over default route advertisements,
 
 TODO: add explanation about what happens when you're receiving multiple default route announcements?
 
-See the [documentation](TODO) on how to manage default route scope for a given Private Network, once you have [updated](TODO) to new routing behavior.
+See the [documentation](/vpc/how-to/manage-routing/#how-to-manage-default-route-scope) on how to manage default route scope for a given Private Network, once you have [updated](/vpc/how-to/manage-routing/#how-to-update-routing-behavior) to new routing behavior.
 
 ### Impact on existing setup
 

From 0199cbe032f9501dac9a8377a5ed1e7600939c3f Mon Sep 17 00:00:00 2001
From: Rowena <rjones@scaleway.com>
Date: Wed, 7 May 2025 11:35:14 +0200
Subject: [PATCH 06/13]  fix(pgw): default route

---
 pages/public-gateways/concepts.mdx | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pages/public-gateways/concepts.mdx b/pages/public-gateways/concepts.mdx
index b0054b9b4e..0d1d3d9c17 100644
--- a/pages/public-gateways/concepts.mdx
+++ b/pages/public-gateways/concepts.mdx
@@ -22,7 +22,7 @@ Allowed IPs is a feature of [SSH bastion](#ssh-bastion). It allows you to specif
 
 ## Default route
 
-When you attach a Public Gateway to a Private Network, you can choose to have it advertise a default route to other attached resources. This means that when the IP destination address for a packet is not known on the Private Network or elsewhere within the VPC, the packet is routed through the Public Gateway, enabling it to find the public internet.
+When you attach a Public Gateway to a Private Network, you can choose to have it advertise a default route to other attached resources. This means that when the IP destination address for a packet is not known on the Private Network or elsewhere within the VPC, the packet is routed through the Public Gateway, enabling it to find the public internet. The default route is propagated through DHCP.
 
 By default, the scope of a default route is limited to the Private Network the Public Gateway is directly attached to. However, you also have the option to enable each of your Private Networks to receive advertisements of **all** default routes throughout the entire VPC. This includes routes towards all Public Gateways advertising a default route, as well as any custom-created default routes. 
 

From 82fe666e589d581a8ac238317e451fa760154479 Mon Sep 17 00:00:00 2001
From: Rowena <rjones@scaleway.com>
Date: Wed, 7 May 2025 11:39:09 +0200
Subject: [PATCH 07/13] fix(vpc): routing

---
 pages/vpc/reference-content/understanding-routing.mdx | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pages/vpc/reference-content/understanding-routing.mdx b/pages/vpc/reference-content/understanding-routing.mdx
index 117adeb79f..ec9fba7590 100644
--- a/pages/vpc/reference-content/understanding-routing.mdx
+++ b/pages/vpc/reference-content/understanding-routing.mdx
@@ -82,7 +82,7 @@ From TODO DATE, new routing behavior is available for VPCs.
 
 |  | Old behavior | New behavior |
 |---|---|---|
-| Custom routes | Custom route advertisements are scoped only to the Private Network(s) to which the “next hop” resource is directly attached. | Custom route advertisements are scoped to the entire Private Network as standard. |
+| Custom routes | Custom route advertisements are scoped only to the Private Network(s) to which the “next hop” resource is directly attached. | Custom route advertisements are scoped to the entire VPC as standard. |
 | Default routes | Public Gateways' default route advertisements are scoped only to the Private Network(s) to which the gateway is attached.<br/><br/>Private Networks cannot receive default route advertisements from Public Gateways they are not directly attached to. | Standard behavior remains unchanged, but now each Private Network can opt in to receive default route advertisements from across the entire VPC. |
 
 ### Custom routes
@@ -129,7 +129,7 @@ Your existing setup may be impacted by the new behavior if you want your custom
 
 ### Example use of NACLs to mitigate impact
 
-TODO CHECK THIS EXAMPLE
+The example below shows how to achieve desired routing behavior for a custom route which is now advertised across the whole VPC.
 
 #### Scenario 
 

From fef2b768cc3482a73fb399c1114e75b0ae7aac63 Mon Sep 17 00:00:00 2001
From: Rowena <rjones@scaleway.com>
Date: Tue, 13 May 2025 12:10:20 +0200
Subject: [PATCH 08/13] fix(vpc): clarification

---
 pages/vpc/reference-content/understanding-routing.mdx | 10 +++-------
 1 file changed, 3 insertions(+), 7 deletions(-)

diff --git a/pages/vpc/reference-content/understanding-routing.mdx b/pages/vpc/reference-content/understanding-routing.mdx
index ec9fba7590..f615d44a6c 100644
--- a/pages/vpc/reference-content/understanding-routing.mdx
+++ b/pages/vpc/reference-content/understanding-routing.mdx
@@ -77,8 +77,8 @@ For example, you may use one Private Network for frontend resources and another
 
 From TODO DATE, new routing behavior is available for VPCs.
 
-- This routing behavior will be applied automatically to VPCs created after TODO DATE, or where routing is only activated after this date. 
-- Pre-existing VPCs must be [updated](/vpc/how-to/manage-routing/#how-to-update-routing-behavior) to accept this new behavior
+- This routing behavior will be applied automatically to VPCs created after TODO DATE, or to pre-existing VPCs that only activate routing after this date. 
+- Pre-existing VPCs already using routing must be [updated](/vpc/how-to/manage-routing/#how-to-update-routing-behavior) to accept this new behavior
 
 |  | Old behavior | New behavior |
 |---|---|---|
@@ -148,16 +148,12 @@ You want to prevent resources attached to `backend-net` and `frontend-net` from
 
 #### Solution 1: NACL allow
 
-You could create two NACL rules to **Deny** traffic first from `10.0.0.0/24` (`backend-net`) and then from `10.0.0.1/24` (`frontend-net`) towards destination `10.0.2.42/32` (`vpn-gateway-host`). When combined with a default NACL rule to **Allow** all other traffic, this would effectively block resources on `backend-net`.
+You could create two NACL rules to **Deny** traffic first from `10.0.0.0/24` (`backend-net`) and then from `10.0.0.1/24` (`frontend-net`) towards destination `10.0.2.42/32` (`vpn-gateway-host`). When combined with a default NACL rule to **Allow** all other traffic, this would effectively block resources on `backend-net` and `frontend-net` from accessing `vpn-gateway-host`.
 
 #### Solution 2: NACL deny
 
 Alternatively, and aligned with best practice, when the default NACL rule **Denies** all traffic not matched to a specific rule, `backend-net` and `frontend-net` will already be blocked from sending traffic to `vpn-gateway-host` on `monitoring-net`. Since NACLs do not filter traffic between resources attached to the same Private Network, other resources on `monitoring-net` would still be able to successfully route traffic to `vpn-gateway-host`. 
 
-#### Solution 3: Modify custom route
-
-Another alternative is to modify the custom route so that instead of applying to **all** source traffic, it applies only to traffic from within Private Network `monitoring-net`. Change the source IP range to `10.0.2.0/24` in the custom rule.
-
 ## Limitations
 
 - Managed Databases are not currently compatible with routing. The VPC cannot automatically route between Managed Databases on different Private Networks, or (for example) between a Managed Database on one Private Network and an Instance on a different Private Network.

From 99a61f629ba184b5453424b868661f4c0fdb06fc Mon Sep 17 00:00:00 2001
From: Rowena <rjones@scaleway.com>
Date: Wed, 14 May 2025 09:41:45 +0200
Subject: [PATCH 09/13] fix(vpc): multiple default routes

---
 pages/vpc/reference-content/understanding-routing.mdx | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/pages/vpc/reference-content/understanding-routing.mdx b/pages/vpc/reference-content/understanding-routing.mdx
index f615d44a6c..1a83d27793 100644
--- a/pages/vpc/reference-content/understanding-routing.mdx
+++ b/pages/vpc/reference-content/understanding-routing.mdx
@@ -107,17 +107,19 @@ With new routing behavior, this standard behavior remains unchanged. Default rou
 
 However, you now have an additional option to enable each Private Network to receive advertisements of **all** default routes throughout the entire VPC. This includes routes towards all Public Gateways advertising a default route, as well as any custom-created default routes. This allows resources on other Private Networks to find access to the public internet, even if they do not have their own attached gateway.
 
-<Message type="note">
+See the [documentation](/vpc/how-to/manage-routing/#how-to-manage-default-route-scope) on how to manage default route scope for a given Private Network, once you have [updated](/vpc/how-to/manage-routing/#how-to-update-routing-behavior) to new routing behavior.
+
+#### Granularity
+
 The option to receive all default route advertisements must be enabled on a per-Private-Network basis. 
 
 This means that each Private Network in a VPC can opt to either receive **only** default routes from directly attached Public Gateways (and local custom default routes, if they exist), or **all** default routes being advertised throughout the whole VPC.
 
 If you wish to exercise more granular control over default route advertisements, we recommend that you configure [Network ACLs](/vpc/reference-content/understanding-acls) via the VPC API.
-</Message>
 
-TODO: add explanation about what happens when you're receiving multiple default route announcements?
+#### Multiple default routes
 
-See the [documentation](/vpc/how-to/manage-routing/#how-to-manage-default-route-scope) on how to manage default route scope for a given Private Network, once you have [updated](/vpc/how-to/manage-routing/#how-to-update-routing-behavior) to new routing behavior.
+When a resource on a Private Network receives multiple default route advertisements, the default route that is ultimately used will depend on the resource's OS and configuration. For a resource running Ubuntu, it is likely that the first default route advertisement received will be prioritized.
 
 ### Impact on existing setup
 

From 221e9b746a964a612e8b92ceaae74dd919ab4228 Mon Sep 17 00:00:00 2001
From: Rowena Jones <36301604+RoRoJ@users.noreply.github.com>
Date: Mon, 2 Jun 2025 14:08:13 +0200
Subject: [PATCH 10/13] Update pages/public-gateways/faq.mdx

Co-authored-by: Jessica <113192637+jcirinosclwy@users.noreply.github.com>
---
 pages/public-gateways/faq.mdx | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pages/public-gateways/faq.mdx b/pages/public-gateways/faq.mdx
index 7621a51580..2b2040a606 100644
--- a/pages/public-gateways/faq.mdx
+++ b/pages/public-gateways/faq.mdx
@@ -22,7 +22,7 @@ No. A public IPv4 address (aka. flexible IP) must be assigned to the Public Gate
 
 ## Can my Instances and other resources access the internet via a Public Gateway without a public IP address?
 
-Yes. The Public Gateway can advertize itself as the [default route to the internet](/public-gateways/concepts/#default-route) over the Private Network it is attached to, so that Instances and other resources can access the internet via the gateway. Resources attached to other Private Networks than the gateway's network in the VPC can [opt in]() to receive its default route advertisement.
+Yes. The Public Gateway can advertise itself as the [default route to the internet](/public-gateways/concepts/#default-route) over the Private Network it is attached to, so that Instances and other resources can access the internet via the gateway. Resources attached to other Private Networks than the gateway's network in the VPC can [opt in](/vpc/how-to/manage-routing/#how-to-manage-default-route-scope) to receive its default route advertisement.
 Moreover, the Public Gateway supports [static NAT](/public-gateways/how-to/configure-a-public-gateway/#how-to-review-and-configure-nat) (aka. port forwarding), so that ingress traffic from the public internet can reach Instances on the Private Network. This works by mapping pre-defined ports of the public IP address of the gateway to specific ports and IP addresses on the VPC.
 
 ## What happened to static leases (DHCP reservations) when DHCP moved from the Public Gateway to Private Networks?

From 3da9a5954866833470eb72a656942e453a174a97 Mon Sep 17 00:00:00 2001
From: Rowena Jones <36301604+RoRoJ@users.noreply.github.com>
Date: Mon, 2 Jun 2025 14:10:00 +0200
Subject: [PATCH 11/13] Update pages/vpc/how-to/manage-routing.mdx

Co-authored-by: Jessica <113192637+jcirinosclwy@users.noreply.github.com>
---
 pages/vpc/how-to/manage-routing.mdx | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pages/vpc/how-to/manage-routing.mdx b/pages/vpc/how-to/manage-routing.mdx
index 256d8fe0b9..1191d144fb 100644
--- a/pages/vpc/how-to/manage-routing.mdx
+++ b/pages/vpc/how-to/manage-routing.mdx
@@ -50,7 +50,7 @@ For more information on these new routing behaviors, see our [detailed documenta
 
 Updating routing behavior is irreversible: once updated, you cannot revert. However, [Network ACLs](/vpc/reference-content/undestanding-nacls) are configurable via the API to let you finely control and restrict routes within your VPC as necessary.
 
-Follow the steps below to update routing behavior for a given VPC:
+Follow the steps below to update the routing behavior for a given VPC:
 
 1. Click **VPC** in the **Network** section of the [Scaleway console](https://console.scaleway.com) side menu. The list of your VPCs displays.
 

From 8f7b4979fe11082bb41d613409c9091be1fd1f8b Mon Sep 17 00:00:00 2001
From: Rowena Jones <36301604+RoRoJ@users.noreply.github.com>
Date: Mon, 2 Jun 2025 14:11:14 +0200
Subject: [PATCH 12/13] Update
 pages/vpc/reference-content/understanding-routing.mdx

Co-authored-by: Jessica <113192637+jcirinosclwy@users.noreply.github.com>
---
 pages/vpc/reference-content/understanding-routing.mdx | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pages/vpc/reference-content/understanding-routing.mdx b/pages/vpc/reference-content/understanding-routing.mdx
index 1a83d27793..9e33eb7293 100644
--- a/pages/vpc/reference-content/understanding-routing.mdx
+++ b/pages/vpc/reference-content/understanding-routing.mdx
@@ -87,7 +87,7 @@ From TODO DATE, new routing behavior is available for VPCs.
 
 ### Custom routes
 
-Previously, custom routes were scoped only to the Private Network(s) of the “next hop” resource. Their routes were not propagated to other Private Networks in the VPC. For example, in the scenario of using a custom route to route traffic towards a VPN tunnel, the origin of the packet had be in the same Private Network as the resource hosting the VPN.
+Previously, custom routes were scoped only to the Private Network(s) of the “next hop” resource. Their routes were not propagated to other Private Networks in the VPC. For example, in the scenario of using a custom route to route traffic towards a VPN tunnel, the origin of the packet had to be in the same Private Network as the resource hosting the VPN.
 
 With new routing behavior, custom routes are scoped to the entire VPC as standard. All Private Networks in the VPC receive route advertisements for all custom routes. This gives enhanced flexibility when using custom routes to route traffic towards VPN tunnels.
 

From 30ae39a43ec459800e887ee2ec61c31977afcbbd Mon Sep 17 00:00:00 2001
From: Rowena Jones <36301604+RoRoJ@users.noreply.github.com>
Date: Mon, 2 Jun 2025 14:12:02 +0200
Subject: [PATCH 13/13] Update pages/vpc/how-to/manage-routing.mdx

Co-authored-by: Jessica <113192637+jcirinosclwy@users.noreply.github.com>
---
 pages/vpc/how-to/manage-routing.mdx | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pages/vpc/how-to/manage-routing.mdx b/pages/vpc/how-to/manage-routing.mdx
index 1191d144fb..0415fbc8f5 100644
--- a/pages/vpc/how-to/manage-routing.mdx
+++ b/pages/vpc/how-to/manage-routing.mdx
@@ -132,7 +132,7 @@ Each Private Network must individually opt in to receive all these default route
           <br />
             1. Click **VPC** in the **Network** section of the Scaleway console side menu. A list of your VPCs displays.
 
-            2. Click the VPC who default route management you want to update, then click the **Routing** tab.
+            2. Click the VPC whose default route management you want to update, then click the **Routing** tab.
 
             3. Click the **Manage default routes** button.