` — for the example above, `nginx.default.prod.company.internal`. The operator always uses this form and it can't be customized on the `NetworkResource`. (If your name carries an extra label, that's just the leading label of your zone — e.g. a zone named `cluster1.company.internal`.)
+
+To expose a service under a cleaner name, add a **CNAME** in a [custom DNS zone](/manage/dns/custom-zones) pointing at the operator's record:
+
+```text
+nginx.prod.company.internal CNAME nginx.default.prod.company.internal
+```
+
+Because it targets the operator-managed record, the alias keeps resolving if the service's ClusterIP changes. A static `A` record straight to the ClusterIP also works, but it goes stale when the ClusterIP changes — prefer the CNAME.
+
+
+The friendly name is only a DNS alias — traffic still routes through the `NetworkResource`, so keep it in place. To drop the namespace label entirely (`nginx.company.internal`), add the CNAME in the parent `company.internal` zone and distribute that zone to the same groups. These manual records are not managed by the operator, so you maintain them yourself.
+
From fa90894dae5e71ba7f869b1f71a7e82079a20270 Mon Sep 17 00:00:00 2001
From: Jack Carter <128555021+SunsetDrifter@users.noreply.github.com>
Date: Tue, 23 Jun 2026 12:29:30 +0200
Subject: [PATCH 05/14] docs: use ScheduleAnyway in spread example; note
DoNotSchedule rollout deadlock
Multi-node verification: default scheduling already spreads replicas one-per-node;
the operator merges workloadOverride.podTemplate.topologySpreadConstraints into the
Deployment. DoNotSchedule with replicas == schedulable nodes deadlocks rolling updates
(surge pod can't place). Switch the example to ScheduleAnyway (verified clean rollout)
and document DoNotSchedule + the node-count/maxSurge caveat for a hard guarantee.
---
.../use-cases/highly-available-routing-peers.mdx | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/src/pages/manage/integrations/kubernetes/use-cases/highly-available-routing-peers.mdx b/src/pages/manage/integrations/kubernetes/use-cases/highly-available-routing-peers.mdx
index 3367c89b..0cbcf098 100644
--- a/src/pages/manage/integrations/kubernetes/use-cases/highly-available-routing-peers.mdx
+++ b/src/pages/manage/integrations/kubernetes/use-cases/highly-available-routing-peers.mdx
@@ -88,7 +88,7 @@ When you run more than one replica, the operator also creates a **PodDisruptionB
## Spread across failure domains
-Kubernetes already spreads replicas across nodes on a best-effort basis. To make that a hard guarantee — or to spread across availability zones — add scheduling rules through `spec.workloadOverride.podTemplate`:
+Kubernetes already spreads replicas across nodes on a best-effort basis. To strengthen that — or to spread across availability zones — add an explicit constraint through `spec.workloadOverride.podTemplate`:
```yaml
apiVersion: netbird.io/v1alpha1
@@ -106,7 +106,7 @@ spec:
topologySpreadConstraints:
- maxSkew: 1
topologyKey: kubernetes.io/hostname
- whenUnsatisfiable: DoNotSchedule
+ whenUnsatisfiable: ScheduleAnyway
labelSelector:
matchLabels:
app.kubernetes.io/instance: prod
@@ -114,6 +114,10 @@ spec:
Use `topologyKey: topology.kubernetes.io/zone` to spread across availability zones instead.
+
+`ScheduleAnyway` is a strong preference that never blocks scheduling. For a hard guarantee, use `whenUnsatisfiable: DoNotSchedule` — but keep **more schedulable nodes than replicas** (or set the Deployment's `maxSurge: 0`). With one peer already on every node, a rolling update's surge pod has nowhere to land that satisfies the constraint, and the rollout stalls.
+
+
With one routing peer per node, a node failure only loses a single peer — clients fail over to the survivors, and the PodDisruptionBudget keeps drains to one at a time:
From cb7d26e49c1fc5606e0ae2158c88df8410f8c3a4 Mon Sep 17 00:00:00 2001
From: Jack Carter <128555021+SunsetDrifter@users.noreply.github.com>
Date: Tue, 23 Jun 2026 14:00:40 +0200
Subject: [PATCH 06/14] docs: clarify custom-zone records are per-name (no
whole-domain shadowing)
Verified on the lab: a NetBird custom zone serves only the records you add; other
names under the domain fall through to upstream DNS. Reusing a real internal domain
for friendly names is safe except for exact-name collisions.
---
.../kubernetes/use-cases/highly-available-routing-peers.mdx | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/pages/manage/integrations/kubernetes/use-cases/highly-available-routing-peers.mdx b/src/pages/manage/integrations/kubernetes/use-cases/highly-available-routing-peers.mdx
index 0cbcf098..e0c6eccf 100644
--- a/src/pages/manage/integrations/kubernetes/use-cases/highly-available-routing-peers.mdx
+++ b/src/pages/manage/integrations/kubernetes/use-cases/highly-available-routing-peers.mdx
@@ -142,5 +142,5 @@ nginx.prod.company.internal CNAME nginx.default.prod.company.internal
Because it targets the operator-managed record, the alias keeps resolving if the service's ClusterIP changes. A static `A` record straight to the ClusterIP also works, but it goes stale when the ClusterIP changes — prefer the CNAME.
-The friendly name is only a DNS alias — traffic still routes through the `NetworkResource`, so keep it in place. To drop the namespace label entirely (`nginx.company.internal`), add the CNAME in the parent `company.internal` zone and distribute that zone to the same groups. These manual records are not managed by the operator, so you maintain them yourself.
+The friendly name is only a DNS alias — traffic still routes through the `NetworkResource`, so keep it in place. To drop the namespace label entirely (`nginx.company.internal`), add the CNAME in the parent `company.internal` zone and distribute that zone to the same groups. NetBird serves only the specific records you add to a zone; other names under the same domain keep resolving through your existing DNS, so reusing a real internal domain is safe — just avoid a name that already exists in your corporate DNS. These manual records are not managed by the operator, so you maintain them yourself.
From 182aab2bc123f73e80d2d9e4764fb2958104e26a Mon Sep 17 00:00:00 2001
From: Jack Carter <128555021+SunsetDrifter@users.noreply.github.com>
Date: Tue, 23 Jun 2026 14:33:49 +0200
Subject: [PATCH 07/14] docs: expand into full 'Route to a Kubernetes service'
how-to
Restructure the HA use-case page into an end-to-end guide covering the whole
journey: create the custom DNS zone, groups, and access policy (dashboard) ->
deploy HA routing peers (NetworkRouter, replicas:3) -> expose a Service
(NetworkResource) -> verify + failover. Generic, human-readable example names
(k8s.company.internal, kubernetes-clients/-services, network 'kubernetes',
nginx). Keeps the failure-domains diagram + ScheduleAnyway/DoNotSchedule note
and the friendly-DNS appendix. Adds ![]()
slots for 5 dashboard/terminal
screenshots (to be supplied). Renames the page + nav entry to
route-to-a-kubernetes-service; old slug removed.
---
src/components/NavigationDocs.jsx | 4 +-
.../highly-available-routing-peers.mdx | 146 ------------
.../route-to-a-kubernetes-service.mdx | 221 ++++++++++++++++++
3 files changed, 223 insertions(+), 148 deletions(-)
delete mode 100644 src/pages/manage/integrations/kubernetes/use-cases/highly-available-routing-peers.mdx
create mode 100644 src/pages/manage/integrations/kubernetes/use-cases/route-to-a-kubernetes-service.mdx
diff --git a/src/components/NavigationDocs.jsx b/src/components/NavigationDocs.jsx
index cfdf92f1..7757510f 100644
--- a/src/components/NavigationDocs.jsx
+++ b/src/components/NavigationDocs.jsx
@@ -503,8 +503,8 @@ export const docsNavigation = [
isOpen: false,
links: [
{
- title: 'Highly Available Routing Peers',
- href: '/manage/integrations/kubernetes/use-cases/highly-available-routing-peers',
+ title: 'Route to a Kubernetes Service',
+ href: '/manage/integrations/kubernetes/use-cases/route-to-a-kubernetes-service',
},
],
},
diff --git a/src/pages/manage/integrations/kubernetes/use-cases/highly-available-routing-peers.mdx b/src/pages/manage/integrations/kubernetes/use-cases/highly-available-routing-peers.mdx
deleted file mode 100644
index e0c6eccf..00000000
--- a/src/pages/manage/integrations/kubernetes/use-cases/highly-available-routing-peers.mdx
+++ /dev/null
@@ -1,146 +0,0 @@
-import { Note } from '@/components/mdx'
-
-# Highly Available Routing Peers
-
-This guide shows how to run the Kubernetes operator's routing peers as a redundant pool, so access to your cluster services keeps working when a routing-peer pod or a node fails.
-
-
-For the failover model, see [How Routing Peers Work — High availability](/manage/networks/how-routing-peers-work#high-availability).
-
-
-## What You'll Achieve
-
-A `NetworkRouter` backed by multiple routing-peer pods. NetBird clients automatically use a healthy peer and fail over if one becomes unreachable, and Kubernetes node drains or rolling updates never take the whole pool down at once.
-
-## Prerequisites
-
-- The [NetBird Kubernetes operator](/manage/integrations/kubernetes) installed in your cluster.
-- A custom DNS zone created in the [NetBird dashboard](/manage/dns/custom-zones).
-- Familiarity with the [Routing Peer](/manage/integrations/kubernetes/routing-peer) pattern (`NetworkRouter` + `NetworkResource`).
-
-## Step 1: Run multiple routing peers
-
-Set `spec.workloadOverride.replicas` on the `NetworkRouter` to the number of routing-peer pods you want. Each pod becomes a routing peer for the network, and the operator keeps them in a single high-availability group.
-
-```yaml
-apiVersion: netbird.io/v1alpha1
-kind: NetworkRouter
-metadata:
- name: prod
- namespace: netbird
-spec:
- dnsZoneRef:
- name: prod.company.internal
- workloadOverride:
- replicas: 3
-```
-
-
-The operator already defaults to **3** replicas — set the field explicitly to be intentional about it, or raise it for more redundancy.
-
-
-On a multi-node cluster, Kubernetes spreads these replicas across nodes by default, so you get node-level redundancy out of the box. To turn that best-effort spread into a guarantee — or to spread across availability zones — see [Spread across failure domains](#spread-across-failure-domains).
-
-## Step 2: Expose a service
-
-Expose a service with a `NetworkResource`, exactly as on the [Routing Peer](/manage/integrations/kubernetes/routing-peer) page. Place the resource in a dedicated group and grant access with a policy:
-
-```yaml
-apiVersion: netbird.io/v1alpha1
-kind: NetworkResource
-metadata:
- name: nginx
- namespace: default
-spec:
- networkRouterRef:
- name: prod
- namespace: netbird
- serviceRef:
- name: nginx
- groups:
- - name: k8s-services
-```
-
-
-Create the destination group (`k8s-services` above) and an [access policy](/manage/access-control) granting your clients access to it **before** applying the `NetworkResource`. The operator does not create groups or policies for you — until both exist, traffic is denied even though DNS resolves.
-
-
-## Step 3: Verify
-
-Confirm the routing-peer pods are running and that the operator created a PodDisruptionBudget:
-
-```shell
-kubectl -n netbird get pods -l app.kubernetes.io/name=networkrouter
-kubectl -n netbird get pdb
-```
-
-Delete one routing-peer pod (or drain its node) while reaching your service from a NetBird client — the connection keeps working as another peer takes over, and the deployment reschedules the missing pod:
-
-```shell
-kubectl -n netbird delete pod
-```
-
-## How failover works
-
-The operator registers every replica in a single routing-peer group at one metric, so each NetBird client connects through its lowest-latency peer and fails over automatically if that peer becomes unreachable. See [How Routing Peers Work — High availability](/manage/networks/how-routing-peers-work#high-availability) for the underlying model.
-
-When you run more than one replica, the operator also creates a **PodDisruptionBudget** with `maxUnavailable: 1`. Kubernetes node drains and rolling updates then evict at most one routing peer at a time, so the pool always keeps serving traffic.
-
-## Spread across failure domains
-
-Kubernetes already spreads replicas across nodes on a best-effort basis. To strengthen that — or to spread across availability zones — add an explicit constraint through `spec.workloadOverride.podTemplate`:
-
-```yaml
-apiVersion: netbird.io/v1alpha1
-kind: NetworkRouter
-metadata:
- name: prod
- namespace: netbird
-spec:
- dnsZoneRef:
- name: prod.company.internal
- workloadOverride:
- replicas: 3
- podTemplate:
- spec:
- topologySpreadConstraints:
- - maxSkew: 1
- topologyKey: kubernetes.io/hostname
- whenUnsatisfiable: ScheduleAnyway
- labelSelector:
- matchLabels:
- app.kubernetes.io/instance: prod
-```
-
-Use `topologyKey: topology.kubernetes.io/zone` to spread across availability zones instead.
-
-
-`ScheduleAnyway` is a strong preference that never blocks scheduling. For a hard guarantee, use `whenUnsatisfiable: DoNotSchedule` — but keep **more schedulable nodes than replicas** (or set the Deployment's `maxSurge: 0`). With one peer already on every node, a rolling update's surge pod has nowhere to land that satisfies the constraint, and the rollout stalls.
-
-
-With one routing peer per node, a node failure only loses a single peer — clients fail over to the survivors, and the PodDisruptionBudget keeps drains to one at a time:
-
-
- 
-
-
-## Next Steps
-
-- [Routing Peer](/manage/integrations/kubernetes/routing-peer) — the base pattern.
-- [How Routing Peers Work](/manage/networks/how-routing-peers-work) — failover, metrics, and access control.
-
-## Appendix: Friendly DNS names
-
-Each `NetworkResource` is published at `..` — for the example above, `nginx.default.prod.company.internal`. The operator always uses this form and it can't be customized on the `NetworkResource`. (If your name carries an extra label, that's just the leading label of your zone — e.g. a zone named `cluster1.company.internal`.)
-
-To expose a service under a cleaner name, add a **CNAME** in a [custom DNS zone](/manage/dns/custom-zones) pointing at the operator's record:
-
-```text
-nginx.prod.company.internal CNAME nginx.default.prod.company.internal
-```
-
-Because it targets the operator-managed record, the alias keeps resolving if the service's ClusterIP changes. A static `A` record straight to the ClusterIP also works, but it goes stale when the ClusterIP changes — prefer the CNAME.
-
-
-The friendly name is only a DNS alias — traffic still routes through the `NetworkResource`, so keep it in place. To drop the namespace label entirely (`nginx.company.internal`), add the CNAME in the parent `company.internal` zone and distribute that zone to the same groups. NetBird serves only the specific records you add to a zone; other names under the same domain keep resolving through your existing DNS, so reusing a real internal domain is safe — just avoid a name that already exists in your corporate DNS. These manual records are not managed by the operator, so you maintain them yourself.
-
diff --git a/src/pages/manage/integrations/kubernetes/use-cases/route-to-a-kubernetes-service.mdx b/src/pages/manage/integrations/kubernetes/use-cases/route-to-a-kubernetes-service.mdx
new file mode 100644
index 00000000..03b334ff
--- /dev/null
+++ b/src/pages/manage/integrations/kubernetes/use-cases/route-to-a-kubernetes-service.mdx
@@ -0,0 +1,221 @@
+import { Note } from '@/components/mdx'
+
+# Route to a Kubernetes service with high availability
+
+This guide walks the whole journey: create the NetBird-side pieces the operator doesn't make (a custom DNS zone, groups, an access policy), deploy a redundant pool of routing peers, expose an in-cluster Service as a NetBird resource, and reach it by name from a NetBird client. Because the routing peers run as a high-availability pool, access keeps working when a routing-peer pod or a node fails.
+
+## What you'll achieve
+
+A NetBird client (for example, your laptop) reaches a private Kubernetes `ClusterIP` Service by a stable DNS name, with traffic flowing through several routing-peer pods. Lose a pod or a node and clients fail over automatically to a healthy peer.
+
+## Prerequisites
+
+- A Kubernetes cluster (multiple nodes recommended, so routing peers can spread across them).
+- The NetBird operator installed — see [Getting Started](/manage/integrations/kubernetes).
+- A NetBird account and a [Personal Access Token](/manage/public-api#creating-a-service-user).
+- A NetBird client (the device that will reach the service) enrolled in your account.
+
+In this guide the example objects are named `k8s.company.internal` (DNS zone), `kubernetes-clients` / `kubernetes-services` (groups), `kubernetes` (the network), and `nginx` (the Service). Substitute your own.
+
+## Step 1: Create a custom DNS zone
+
+The operator publishes each exposed Service as a DNS record inside a custom zone, so clients reach it by name instead of by its (ephemeral) ClusterIP. The zone must exist **before** you deploy the routing peers.
+
+In the dashboard, go to **DNS > Zones > Add Zone**:
+
+- **Name**: `k8s.company.internal`
+- **Distribution Groups**: `kubernetes-clients` — only peers in these groups can resolve the zone's records.
+
+
+ 
+
+
+See [Custom Zones](/manage/dns/custom-zones) for details.
+
+## Step 2: Create groups and an access policy
+
+NetBird is deny-by-default: nothing is reachable until a policy allows it, and the operator does **not** create groups or policies for you. Set up two groups and one policy under **Access Control**.
+
+Create the groups via **Access Control > Groups**:
+
+- `kubernetes-clients` — the peers that should reach your services (put your client device in it).
+- `kubernetes-services` — the destination group the exposed Services will be placed in.
+
+
+ 
+
+
+Then create a policy via **Access Control > Policies > Add policy**:
+
+- **Name**: `kubernetes-access`
+- **Source**: `kubernetes-clients`
+- **Destination**: `kubernetes-services`
+- **Protocol/Ports**: `TCP` `80` (match your Service's port)
+
+
+ 
+
+
+See [Manage network access](/manage/access-control/manage-network-access).
+
+
+Create the group **and** the policy before the `NetworkResource` in Step 4. Until both exist, traffic is denied even though DNS resolves.
+
+
+## Step 3: Deploy the routing peers (HA)
+
+A `NetworkRouter` creates a NetBird network and deploys routing-peer pods. Set `spec.workloadOverride.replicas` to run a redundant pool:
+
+```yaml
+apiVersion: netbird.io/v1alpha1
+kind: NetworkRouter
+metadata:
+ name: kubernetes
+ namespace: netbird
+spec:
+ dnsZoneRef:
+ name: k8s.company.internal
+ workloadOverride:
+ replicas: 3
+```
+
+```shell
+kubectl apply -f networkrouter.yaml
+```
+
+The operator registers all replicas in a single routing-peer group at one metric, so each client connects through its lowest-latency peer and fails over automatically if that peer becomes unreachable (the equal-metric behavior in [How Routing Peers Work — High availability](/manage/networks/how-routing-peers-work#high-availability)). When `replicas > 1`, it also creates a **PodDisruptionBudget** with `maxUnavailable: 1`, so node drains and rolling updates never take down more than one routing peer at a time.
+
+
+The operator already defaults to **3** replicas — set the field explicitly to be intentional, or raise it for more redundancy. See the [Routing Peer](/manage/integrations/kubernetes/routing-peer) page for the full `NetworkRouter` reference.
+
+
+## Step 4: Expose your Service
+
+A `NetworkResource` maps a Kubernetes `ClusterIP` Service to a NetBird resource and creates a DNS record for it in the router's zone. Place it in the `kubernetes-services` group from Step 2:
+
+```yaml
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: nginx
+ namespace: default
+ labels: { app: nginx }
+spec:
+ replicas: 1
+ selector: { matchLabels: { app: nginx } }
+ template:
+ metadata: { labels: { app: nginx } }
+ spec:
+ containers:
+ - name: nginx
+ image: nginx:stable
+ ports: [{ containerPort: 80 }]
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: nginx
+ namespace: default
+spec:
+ type: ClusterIP
+ selector: { app: nginx }
+ ports:
+ - { name: http, port: 80, targetPort: 80, protocol: TCP }
+---
+apiVersion: netbird.io/v1alpha1
+kind: NetworkResource
+metadata:
+ name: nginx
+ namespace: default
+spec:
+ networkRouterRef:
+ name: kubernetes
+ namespace: netbird
+ serviceRef:
+ name: nginx
+ groups:
+ - name: kubernetes-services
+```
+
+The Service must be type `ClusterIP`. The operator creates the record `nginx.default.k8s.company.internal` (`..`) pointing at the Service's ClusterIP. The `kubernetes` network now shows its routing peers and the resource:
+
+
+ 
+
+
+## Step 5: Verify and test failover
+
+Confirm the routing-peer pods are running, spread across nodes, and protected by a PodDisruptionBudget:
+
+```shell
+kubectl -n netbird get pods -l app.kubernetes.io/name=networkrouter -o wide
+kubectl -n netbird get pdb
+```
+
+
+ 
+
+
+From a NetBird client in `kubernetes-clients`, resolve and reach the service:
+
+```shell
+curl http://nginx.default.k8s.company.internal/
+```
+
+Then delete one routing-peer pod (or drain its node) while curling in a loop — the connection keeps working as another peer takes over, and the Deployment reschedules the missing pod:
+
+```shell
+kubectl -n netbird delete pod
+```
+
+## Spread across failure domains
+
+On a multi-node cluster, Kubernetes spreads the replicas across nodes on a best-effort basis by default, so you get node-level redundancy out of the box. To strengthen that — or to spread across availability zones — add an explicit constraint through `spec.workloadOverride.podTemplate`:
+
+```yaml
+spec:
+ workloadOverride:
+ replicas: 3
+ podTemplate:
+ spec:
+ topologySpreadConstraints:
+ - maxSkew: 1
+ topologyKey: kubernetes.io/hostname
+ whenUnsatisfiable: ScheduleAnyway
+ labelSelector:
+ matchLabels:
+ app.kubernetes.io/instance: kubernetes
+```
+
+Use `topologyKey: topology.kubernetes.io/zone` to spread across availability zones instead.
+
+
+`ScheduleAnyway` is a strong preference that never blocks scheduling. For a hard guarantee use `whenUnsatisfiable: DoNotSchedule` — but keep **more schedulable nodes than replicas** (or set the Deployment's `maxSurge: 0`). With one peer already on every node, a rolling update's surge pod has nowhere to land that satisfies the constraint, and the rollout stalls.
+
+
+With one routing peer per node, a node failure only loses a single peer — clients fail over to the survivors, and the PodDisruptionBudget keeps drains to one at a time:
+
+
+
+
+
+## Next Steps
+
+- [Routing Peer](/manage/integrations/kubernetes/routing-peer) — the `NetworkRouter` / `NetworkResource` reference.
+- [How Routing Peers Work](/manage/networks/how-routing-peers-work) — failover, metrics, and access control.
+
+## Appendix: Friendly DNS names
+
+Each `NetworkResource` is published at `..` — here, `nginx.default.k8s.company.internal`. The operator always uses this form and it can't be customized on the `NetworkResource`.
+
+To expose a service under a cleaner name, add a **CNAME** in a [custom DNS zone](/manage/dns/custom-zones) pointing at the operator's record:
+
+```text
+nginx.k8s.company.internal CNAME nginx.default.k8s.company.internal
+```
+
+Because it targets the operator-managed record, the alias keeps resolving if the service's ClusterIP changes. A static `A` record straight to the ClusterIP also works, but it goes stale when the ClusterIP changes — prefer the CNAME.
+
+
+The friendly name is only a DNS alias — traffic still routes through the `NetworkResource`, so keep it in place. NetBird serves only the specific records you add to a zone; other names under the same domain keep resolving through your existing DNS, so reusing a real internal domain is safe — just avoid a name that already exists in your corporate DNS. These manual records are not managed by the operator, so you maintain them yourself.
+
From ba2dd4dc8d594638afdb4cebc29f0383c6a43e53 Mon Sep 17 00:00:00 2001
From: Jack Carter <128555021+SunsetDrifter@users.noreply.github.com>
Date: Tue, 23 Jun 2026 14:46:30 +0200
Subject: [PATCH 08/14] docs: add dashboard/terminal screenshots to the K8s
how-to
Four screenshots (DNS zone, access policy, the kubernetes network with HA +
3 routing peers, kubectl pods-across-nodes). Drop the groups screenshot and
renumber the ![]()
refs to match.
---
.../01-dns-zone.png | Bin 0 -> 138557 bytes
.../02-access-policy.png | Bin 0 -> 189969 bytes
.../03-network.png | Bin 0 -> 176770 bytes
.../04-pods-across-nodes.png | Bin 0 -> 67613 bytes
.../route-to-a-kubernetes-service.mdx | 10 +++-------
5 files changed, 3 insertions(+), 7 deletions(-)
create mode 100644 public/docs-static/img/manage/integrations/kubernetes/use-cases/route-to-a-kubernetes-service/01-dns-zone.png
create mode 100644 public/docs-static/img/manage/integrations/kubernetes/use-cases/route-to-a-kubernetes-service/02-access-policy.png
create mode 100644 public/docs-static/img/manage/integrations/kubernetes/use-cases/route-to-a-kubernetes-service/03-network.png
create mode 100644 public/docs-static/img/manage/integrations/kubernetes/use-cases/route-to-a-kubernetes-service/04-pods-across-nodes.png
diff --git a/public/docs-static/img/manage/integrations/kubernetes/use-cases/route-to-a-kubernetes-service/01-dns-zone.png b/public/docs-static/img/manage/integrations/kubernetes/use-cases/route-to-a-kubernetes-service/01-dns-zone.png
new file mode 100644
index 0000000000000000000000000000000000000000..15efd0cc903d0aae745c4aa862a1681d8a55d2f0
GIT binary patch
literal 138557
zcmeFZXIxX;wmz&NprE2#iqe%WCwC=%csuB0tb6r9QJ261@Qb^H#VtpD{R0xf_TdAE4)Psf
z+1mwpX&&VN*Y=Hr7Y;E0<8!712VS}yIQ0MaF#z88{>1>Vy}$YAJ5vVJf9-LYJ%jnb
zwwdGhb}h=}5&_J8(ejz^&`r_W}+skFmY8G95lJA%ls%
zdeiXmGrq%^Q$d8o=bk=cqCYujC-aKM=#!*=+y}0cmqqjs9eTqTRQy^iNc7K`t3kVj
zq|4tDlE%^=nut--=Z2B18Y}6P@nHqfT-}`f(r_+A_v}d#ttST#G95a6;y-QZU(E=N
zt=3bz^_%?;9iBdPh<*3me>~9tJ4cAvpCU#XM>O24ZvXCxz~PSneYn3^>2KTpdtd$A
zQU2HX{o7Igc9gwn{CD{LYkK>8RQ&&GRQxDCGUircxzY#KdXKV!vrTVMww6$o)XSdk
zt3JKEvg;kEqRrgO&KVBaIMIf@>jd>|yw`QZ?RPqoWZjzB*6CZs$(57E%}<|m=nWKu
zjVcJF&ADc{|IzU0;d}#%+hw$_I$c7Cbj~0Ip*bGBGBfIx$0*yWU21N+R{5$TXeVr-
z5O;lZw$r{ROGg$tUVj?o`M93^RZiBS_q%cDOtB+VvjEa=$9lfzr~fuq3ID2&Q16k4
zbG!MMjQqc$Q$`+#e2rEJm%yj~ooi(xA?HI5Dqs(gs9QDtJ8I27hMEcJ(yUO{+JYL#
zt@-}C*|mI>`NeTx0<+!ny#HjYu5iQxLBG(ZxaodpgFlX#5ikL%8vJNVE@!BQX5o^@
ze7HZ{=@Q%3JH%e@-g9L~ZTaIo4tdK+yI;t%(*4YW6YUt=9Kr_iYxp$%2h9|%Y@^Sj
zIOIGvU*5#02lwyP1TTKz`{O@By*-2$b3{H*E5yU^baD!{m^8hKK0Lj-`GsjgorPn%
zFYGu^3#95Ssxw(3{2=pSB;Bp}RJ8gdX#M(P_%W9Rw48Hjq}?=sann10`rw4(w&`;D
zjX7oN{HZK!%FecFXFTVy-O_x2E_4*$j<>U^Yzw)b5%>9PWB6_ER`I`%)c<4FgG~Bj
zMj7{FKF{#dvo4tAql`6;L>M(!p0e~_p)nekg!`L@KX}y5kLKt-UKtl1=o()$Y$xT$
zF|qoM!59|VK8XQ~>o4;w@|GSFn2$#;71zpF32Iqy^BE^JZ7fU~M41(Wx%07V4#xEx
zR5@8MYV|vX&CvNDnI;8gc{SsUWy*bwtV9YUdfvHw
zt(J`(woZdv`^=z954`pB9moUk=4D5A+}9an{KK087jr�RNvQa2|^xi6agz6lrkk%r5hnj~d3
zQ&zxh!2*6;>u;VOGQN#wf4orZSP!CMT(=X6w~_-uyDj$KiMMe2(JEiC|V|eSZwf-U4xr1
zp2%1G1@N#%@8-5Z84uZ=|@7|5!Y~wB23_YROd*Mp#JR6oDjY_60ChmZ7F)S*{dU7RmYdXYsGO
z<>SDK!>*L`lGZ;ZoS#L^3=?~g7V9q!cztcn|>)YNMwBuIg;vp;ny_^G-i
zi4AHl-AY<5OvQH^54sj0Zg0z={_|bgZgW|zm~*v2&ln9(wGZYkNo~xf2g`FPTWmB1
z=A*{zZB9ZVg9@w34yT%b`#<
z_j{)#vp-spyc;NAxOl>##o}UBQAT3zNDfTzA`+s|Z8F@ulQtq9y)`^#7@_Ea-U*V#jX+gb~E9dAR1c{e=%muszTA!kQG{KTG<>-
zu^NbLJ!QZAu?o%8T)PD2N*k~cO-vk+yNToYnb>=sh7-lN&^mS}XykmE#0~iuj~OJw
z9rB$yw6Rvpz_5SGXdM3b*)d&L$Y#AOvKt{_WTXIf5XfyMF&|ecc(foc1pD&^2n?r$
zUH#R}COG0B0YxxgmVE1~yWSi%{4hA&kmt@V^nv%b@4j493>SR4$|s{ibni$~%XQ@K
zLHpx}Je$+J(I?7X`&E?!8I3Y&Z&F4L@z3LWofgqh#=-kzX;aU0Q4%BO4V#Gj7(zPS
zz`c5X;?i2CM-jXMwFLuQZdLYim4>%HVl#5^9LqT_Jz5!-4No2Cv`^Cx^~OS^O8fuV
z$a82}Om
z<>%?AD6U6dQqH`_qil5P*y(D6RMHB8cbwWic)!~A0sYfjOPE((FERE|2fP6r3Ys!AC)h~VrpisHmt2Cb1(^SycWj#Z`UZ+bHMNUzIC>7A
zYpAkW_nb$en}Y@2@y-+;Z*pVbW
zU1~ghQdjVlrAM9hs=CLmwMG-{A6QbO;ikSTywbU5I+C`~_o1=E+*-)KIijt9;b)#t
zDmAB1w2&*tcoCMe;urB!s2=2>&Hyd=6W*H`$`pviYzWi4nb#jzb~b%KGL`KRo>1~@
z;)~Z$+2%R3OE+iK2$eAP^KAKPU*v=
z2YhoCRL#|7e7%VtO1xqZ``%B7pj1_pk@cfNd5Vo2P7bkUoOq;RMV1gIs5w(tkY5~5
z;xEBxqPoOxzPujf6KtxFo@!%4=lk}1dDORlC|Q`bV?=?6M22
zHT9E~Ws9g&=bwv&#G%Z%tACB4?Z2l$r_m0UcecVGV``0q>={aPz%?GdxI2*ru|84e
z*eM}z?ert)`4shwCu}v=L;QyEZ^eF?IGS>IRr3f{Fqy
z#8DsolB3b5`wEp9Qt5E=>#H$ZZNhRv_pHbi$Xx#We)jP+brr~%`2WUgfAQiFFcW$u
zjEPkBxlb^+|KJ9QO*rt5)U)I>3z19ZZ?#-aDp1MWW;2^Q;XFDB&dsP{{vR%|5VCRd
z1akQcvRN9ol87G3yw-fWwiz*O`J-Q)wzMQ3A00rOdAI(he2DQQJIgn|>YHVyE4N#*
z+y&xZaBnJiZ+vQ=juZo2vGK*@x~ogm<|kT^YFka-=UG+xdtI(7Ms!?c}Q6KR=-L28$}%Oq!}o>?iAm5g=TYZBUPQ(tc@f
zg9+`Cp+#p!BczY;I1ecvaxqp0$y!xJ=Qm%>ur<{eb~u$pisL-pf*RZ=ktJomllh^1
z81h!9DbBfNR(7M)+^b|~-a
zoV0a*zZ>p@$76_F;nneMPDa%utL2G8Mr6d6T8i1mP0(1aU${$OE_Z%cs;ub1eEma*
z7>%8AnHy07qBy>X4>Q$~A~!{3e(jTHGNeQL6^(4aR-XrAdztHPs6KJQoRQCDin}-I
z)t-P-A1OE1Qdt;Rd)YW=psBF|e_zN%4{AJLV*Bfl>
zT=}#aJ>15Ia)%gIK$`b+Cs+31D=AiG4;563Ndrg~H2Y6oBe}zw4P?oDb^R7|{W8a{
zk3nFj#ZZjbWH(>f;HI;KJo)^_gdoL2AegDVj
z1l$Ujb!kSK;JiElr!P
zZ+8^J63LHych7&}l(cVry0t^|5>K}}4GV(NcPydOse`^T4Z5bx1^_CoD_X26Ey)HQ
z;ktRoTGc;K@gj$N+u2FLa_m)#yR#GMhyW{^6N&ZecJYb
zUbSvrmhg
zhkq&RsNYr;uv*#h(WHJF3A|=-1EX=yawPbALESiO%_8%lwah@L8B+jkn*W%K4K!_w
zmDr+W(@Ar$STQK+G^m>%d4CJ4r4h|5b=5|pBT9Irrk*)B3P@l
zts2`6|26F#&yqde7oTW7njytzOan@n>697GxsD{0mHMI9Q57GwLzQ!X{z#yGYI*BZ
z;e_)QE`1-sn~lSjhZ1demxdn9S=)ERcfvj02F9DR{ZX3h3-+44b%Yv!tGE4W3O@aZ
zEA#wB4gMFY{MSHlc4TiTWw>6}3Sx$Rt>$N+xad5w!GS!fApVqtTY_p!i&VTg`lURN
zz!TN3u}jeKzky{?ZkN*odcC7*$D@we>n7s#G218@dEElJ_F-6)VC~~e;k5G4VPpSE
z^?VvKHUcXlzGcxe)ZF
zj5lKoG-(v1_gg{uWjMHEvq?D+Nrv^;)+~R;%Pa4mRRErGaK#QO7QoQTy@plp+)%Y`gX3*mO9^Vc`O`SwD`p{~dxa}l1IB%0W7bWE7qE&&wey2f
zpJx2jkL;*+1&=ov42JPQw|`h4fD*b0ozQaE&*9yg_nm0L4@R2K3Sao)(OI!EEIH%j
z%kf7Go60l+JxjW+-6cIz>4DoFoimiMLNu`ne^0AACYh?VWlOIo^?X=)tF*@UP+Lq!
zlhOK?)=0KcL&q9kY!PAMm-kCnEDXx{{Pj79{np1tOQB2c3b_tnjzw!wZCAy&GJdcnXCC|6*3#Iwnf%W7ekrcZqLuX)oYhm
z)Jm7nOy*Q>LC#WcI-tR>u~PU3!WUhx7x7}+y7gqcU%@WN#T=lDSYwCcEdU|ucG3pX
zJGg9f)R14UwGRl#Ii|ttVFc%YmhX!eBJyAU^hnjofMj`|i%(`s8*xPgua7X+K-#pT
z6tGJQ-R4^uK>(4O;k+mEL5jicA^G-#8syj`yPZ{|s>w=jW);-~>wY+bMN5jhi}9~&
zSo)58$x9LLY7Vm!3=?@zaQvNhjb85c{
z)4-5^Kb?@rq5W0DLn=xO5TCE0e!YV%B#n{2K+XQtn}xL-TAiiADe>FG3NYC2r{zut
zRq>#UfT8+^Z3p_w{hD%n*kmT9Y^GD`)$!r$4!1iO-@Qt^Ttpr?WC_Lk)GJI@sLG5X
zCo=X(z2~X~0~^iQs^=VW$`;n4hc@uIJt}pzem3w()J$?(rNEGLtf5%<9%>#=V4g}?
zOg2;}KXU){>qbqbb**3IwP@;{QN`sCS@4yT!G@kX2=?l*$v0ss0i~TUXc;V*r8`Ey
z2!|npF54itXHEn7uczI;d|hn4Q3iE#k0iJY#c~faX7b;uY=&Bmt@sP@u?gX>W4vzj8#W=Ag`e|JIk#D2&||EjG5PJXn
z%6T<~-}7tVY9Znyy!DMAY4zK_OPmi!#`o&YMh=sHhq&ZsB*HY9N2`8yT+
z8^40*Jz?J+E!|C(yM>Q}k)g_$Qyz8a25!#kuwSvTSx85Y+w7*@`l67FT*38J-Hy3R
zuU#stLI@x?F4pw%NLgOT(`oiQ%Soikcd}D7Dz;g5w3Q!NYNDk(Ee>-`LrF6L8FUF;e!2FswVZLrwa%?cAH(K?X#D%4`;}Q;
z=1p>*^B7a>^Vyjmd|;Vv%(>pX%>odQ_K+^?+V3Q6QG+|edMbc8c5yw0qf6@E{rUhe
zD*#PSy5UvOG5%K-*XiRw^JEbn^Uet@@3)r6#Dlh$?_V%v8?=T8_9$)sgUQJwH1IR%
zgCKi6GiTTK+ouN_=woG~EEgh#whcOxG}MB&7fxxEt*GaJ;4j9C^=i!YEfqKXaq)mS
zgHlQ|v(yE@d2nY3mcCl7H|SZiE_UtQHp-AdB_Q8af@1bbg@?ILUC_W;75F`$9rJBJ
zcGvelNq!xLSWG!#aPW|6=;1{)Ry}Z${b&osA7J;^-7BAd1;Tn#x9iVtfZr4fRUA^T
z<-RYNvH0Bh@@EJ@OdqFh&E@xd^i_IneU!Zjt{8KZ!JaVG+(6~umt0o%xaCE9jC*Umd7=SCKWcS^b3|}r)IG>r=ayauANyoKv)9Ae}>6%XUGYA74K2{8AUZa^1LIO
zQ;6J6dt-L}_MZXlgAeB7FHrj2bveo2juWQA~|j%IdUFS=E+P@MR4f_+lWA4>Fx<;Au8W^C
zERsP;o08?A&0b>lJ@T9&;}s+F^hq`+oY0nZ>9&@ul7i*=U&)dTu2bR>G9#UFt+A8l
zAexte_xHOct&SH&C-^&g?c!Asr-`@n~cWUVrws!mM*m2c*|t$Yh=
zH#i#IP^6|usmwh;oU-xV-CFaQl%-FhP!Evyv#z}~82)2H%6_LHsYZ%b%r#$nTvfp`G=4xi0IVY&*8#X?yc-U=wJ|1Ud
zyY;ck-kV3n#1|bxX8rlWcWHh&7doIDZBg%h_YRDJIi2F6ZDb(4ZGBDU|3IF9F?gRB
zrG88^vE*xZl?!SYH!!o`cd?UYVSOKmFSdT771Dh0KmX}Jj#0qMq_1jZs}O+j4EfhV
z|HDSy`5*NKBNF>L*FXJ^TM7^sWeKCc{BGBf4Pb6OZZ1dhH&=P$qw~QKCT`m9(e(dt
zZU0gy#fbywR+p(b@~=<+{f3qf$6>CI^UY3c`vvg5Xp^B1oO>oPPk$dL`o~uiV66--
z9gt?|zB6chyUrXr%ypq#&tpIIvUgcVJxok266EzW>c2D41w-K6fi|wcwRjlMi3>(O
z(cKfjHBcaM?zT!`~UG?G$kC^u&?hT0D#85c|EYDY<~(8Ymq&
z_eT9svHy&N|8~j0UGm?DfIY|l+a>oMIe$mV|Li*dIv#*VlC#y?*ON*1G{{Z
zR)}^eYaO>Gb2U;X;_vbn5VgFjSBNI-41`kH$KX|@M=o>^0>v@MzDV@jhZIC!Kl
zfo(izf$2y4X-jB4uE318_r!^wW3Dr~5qIsIzGDektaH+x-&n+%kEt_gXMxePh(Nn2
zgkbT(COx=RK>r~?&l8=bor8{4dEgX1cX7vLAANq3%@pTgr$V`!t_-$LO#Ql8~9itU{
zn9Bl+*$#UP3HYTW>p|Yiav*gyhVwR`foRBSl0WWze
zwjHKeXek483fhNG0lv~=J_J_GFlaQtsE~I_RG`V-bAcbdBNEvm;Pr{(ICyBhhGk^j8wFbK^w+K0STI!
zwDe~FM?_LC^&iN^-?jW($#Erw^xsGqG~kAZ8boPL0|8LB19|4gO)}s
zQUL1XBM4Nt^XjDNWSC@8gsu?0JO(Sz<`Vw8ui-IxxvX2WM}dRx-1k9$x;VaQa~wu!
zobSoD-(3@*ELIx*bf+7JhZ7^e9S2={arDd|D`iU`oDvOPV6XP1V&yJf~5xPS$E
zT>8FnSy_XbBe}6#rbXYIm;aj~!rNffYc8!ZY_Wsl&11DzV;|kB|6}m}`qbC*$*+>d
z^?%^W165OFc_vF9SDb%j>{2?F`tyl%Acl%`!*s9moH!`z+HsZlW`QLU{^Nn-nvCbC
z><0?&H-_oW=2Y!=cQ5km?VRU-$Z}D6vh9-cuSIlm5gJ@rn)Y&4U@pza;PFCl
zj@kXZh;oG+rKc6$E%GEb_77}Em3uyV6Y5pk9uWQzqh26chRjg#p57$53;P@+5#b+`jl+$G`pVfu(3`<*iQ7X2Iw%Kgtg@pAP
zs7cK_5G^6(wlk2|u?=g_$@%e@7*oOwu0)8JPOCS|{(3Nac=yGyV!W5kkp^Q+6t(lg5MbP6W8O-teHrr8jR9Ca_aGxGWfP
z^}MV6CAC87M+3u7%^2dSWvMn0tq1YJa*E@RzP(*plsK*8{ZN25Y`>WQRuX4R+nyS6
zD}G(>`@Qu23oF8OtYKJR;)A7^)Lq0j8q$pStd~VD?jtVPV>H?^u`(&@oN-3
z#il3a&Z$O8IoeJY_9EY(F-=?Fgj21}VzgX0>+tl-agmVc9K5p$c*AYI9LLV&nS^1&
zK!sbL#QDuc#hW6&)d-#gk0wIc5|-7t<-5%icE1Tr7s}nVU7u`xQ~6={GUb*wXO400
zcrnum|5f^L#ew)!l-YP7EhF1J(mb3$lF2kqnyhT>Yjuv2sbeuIb0J(_CiV
zcL?2EAHX3Wol}6b{@JU@+Gq^EC8ENmw@_EsoDOT$W)tE=IgP6?k`3Lh*
zrwr9gEX+6d&m~3)PYT%OV{pZWyMarsPBci+XjA#
ze1uAzyNUcwk$wi9*e!A9&zQEpXH;2Tq@rWTyEg`IIj0PiGtF$^XH0SpB1J*)d##j!
zrNXL7UhJ+;kEij(*Uur$;R(Pj(HqF6n<5@^Yf0IfCL2L{Wxov7PvSvKY&zz0L!Nb$
zlCoQi{pfjR-~uMINTiNBdZ2#s@5QQu~X;2l&+k9=&g+c=r~UHq3UVSvtky%BnW{%nmjhGZ3^e2PaGM
zWm8Fz2l~;nQ}pZdPHp%_k|udRyCT2Bx#t{^9?@VDN0~^Nol9)T`-ZIrQBWE#OvD2j
z^Hi(>IdH$^N>%MgXnoth(fy-9$cE!1$+?CEm-o5p-nRw3Z?2yo?|ZgUg{7rAEFxX_
z{TF)AceRN{gy#^;l*rxWFT+6k>cr(=*ZQslq;e=O_<0?nLCvu{Jq;uk{6QonlvDNN
zqw$zfu2(%V@&Jg>>L+ilSW04{D9s*>WfhnNZ6G;D@Piu65P1=jMb)LwJqOu@EF_Wc
zJkED7(H70I5rvhbr51P3$`t-Ia;H4I%EGpPV7IspP}&L;QRj?nU}+SiQ1Z?P7xgGJVb%bit2S!OnE)xbyypG|BFp6NFa=P4XR
zY86rwZ4f!YSI)Rf539f#ZZ90jGjb1}Y%TX>J8SGWGY#CDg%DGPQ(9uPsl@wk=CZ1<
z$hFW(=yGoBZl3|g_)e<4OU`Jg7fMZ0amY3_YmnXyqMww(8V4KKI)_Rm!GnlJ-aDQbdF2hgAMh9$@lI>s?U4za^dJeZC;0)`hv
z8z$+r^S!OvQDqJ{OHuW8?V;9Qfm~c?g%hugzk^h#nz_x7RT;KsD!C0@Y9n17xZ4~h
z=;n~C6^=?L_JK)_S9dR)YmdFU9|U<&0K1kCdx|;lZO2dT*lJOk!+L
zu^~RIUtIs4kvz7jWAOH+cDzI62oyKi-@S3c(yg!}LAUC;re(rV!>`pkLKJ~9!S<%I
z@PfFnJ6`iRP=MIb@M*n?pLfNrEp9S)OGi>Bw_|;(iFbumiSvwJD#A864{x*u&to}t$hY!L
z+Y?Fv_}b`Mw~_!~J*^S6bs=zA2C@Dygz3C5*S@6e52KLD;$Ee4-{%AT^3Fz9@NH9|
zuP{8z{}E-y|9dfVdnwC7QesmLPxouRHKj*id-?7%;%fF$hn?l&^&VZ}{zXZa3rFYi
zSTlt68D>5AHzmL&P*9PjiPt*d@psmtHXXk}q9!0bHPUD_VhL7NqZ@r?ms%d4wq4p5@pO$sej
z+U#rCYV5^9v4Tj_CM1ko%6EMCk5hf(sgHs~DOPA0alRjI-a}^8FBN5xB(H3~7Eiyx
zcjB&V-Lo0lN}zrn#I4Nt*iXI^jfzn5ndK_1qxs>uI}`U4+CMoE@`8PjQqhD{zT-Ws
z&w>-*eG=3R4hWvB!@GSP^UfQr58SMtej6U{sq*PEj6(fs!tVr#yF#%`QEKRPo+wVW
z1Lf~b>ETl({g_9*81i*hwFjr_WP?h6-Dt(H+mP39n)_X_P0_e
zF3YVCWk-LP`bHPxO+_LEXi44QlgDaJm+WvJm9KrS#4Z(K6jvEU`1+QKVbj{L=w|6_
zFU`>A%YR1t-h0h`Le+2CsNl8w{_KdnMMmo(_N|T`1cRclqyyxi@X7kMuN+=v^R5fv
z%5!qvq*lW$y+mmp8B)8u+B0J5YhsfDvh%5Um5Upp*qCz605s(EcWfh-FN
zp~qD(A6J=<8G0D|rALb6Tnp4^eY+T02*%in7lJDzjB(2KJ0nYt$t|M)&9eNP%0VlX
z1*}-@$YQ<>)GSBa$LR*Kb&b74>r+!~AZ4|nLZ9_9!!rYdoh9qw5T_K~K405S}oM4KQN
ztHA#L^<4M*#`HPQIs(sJn!gRu7`g8Df$O0cZF|tXy@A>$IrZZjXJJC30YC@FrXGPCxwA0M>#_h=<7a>z7TpbgLLk8FUFb*I2drBL$yYNryOOHeh=rWAuzB+#<@Uk~rqy9Kyx}smTP$)tY$ju)-pvWgAWE+PAkM=XkAy
zZ&9gFH^UX$0p$rdTUep0QGqtNVnP>0_9{6S_?suDm$BM8*S>gr<~DD@@_O?W3=cxj
z_flp?aVCZu@t8CQaz_4srf)a>SM+35U4kde>wM-kRS$45okP57w8jVR$Q#ucb`ZPU
zD8n(Q2a9=ns3D;cEGvdXTs^n%!1-Lt4p50^U-}E+$)lP(L*0!9%lf38TZ1+*kJOzU
z85y5XUwWVPIH
z>P8|q0^kt_EkUGlc(;bv=Ywob1er@1U+w;=ag-)z(Is2RFiAa6n>OaXR9J#rg?+CW
zgb2$ybrn?Uv!6Jv;CKhXc_r(cC`Q&enZ%B)TW>n8`Z%$AwRY*8hv|=)Ezg})>AL08
zA^UF3Igdn<{aNmel0(Vc%YBUOro}rTbnfRTfLL;~Qz=?IbYQOwUC^hjbya0^w((;X
zKI)|CjV8Hn&ANNg*;7&H=!O7#js4zgnVk3j
z2?>z-R01lN(pLHXZw9!Ccu7Fqbk7HvtkE~MOH{;kDp_Jmc$;WPV4>;7qw3zopShad9&k9+(#whC$6W9@3XyIS_85B7?a
z;XPrMSl{pb?C`xJz%AO~emC}$FaF~wf4k(qKJ>Rs{>FO&my~Mv%=}-`;^Q@2%(haP
zKG2)PJYXXZv}*{(iWx@W7+xkFq_uCV;EVq^zgpa7Lc=q(UhW7^J&QHy4D3o)kt?d3
z-Eb(?Sep>FTM1d3ChyLrRW-fqAzU&+@)fIx98(k!fUWpwwH~}=Rec#qX;R}bsB46v
zoCMHOh#{yffK<>3Vlmx6#R?}t7zb|t-aih(yK<6_5q4bZZMCT!E$fa+$H&}qF
zzt@>{t7k%$hA*l5fknZxE%FhMz&67-YTuz_H4J#(
zcgkf)ruJ(YKxcv1Vj?zuiA<-g+RV^9%Lc%h$u-gFD4k)f48v4%6$ldaz4`*=}EMIq!e7X4EM+u)Hqkw?yw4W~n7v0!rs3Ane!^{;AVl!eOi?(S69`w4zr>4?%
z(@Ht{Je|VjK)>7$2d|U_*hazUTcqOaDNP2l=Nu(^+SFvptS}pbJy?SRrpbh$4eMZO
z3o#a%o9HU7O~+1erRv@6XfpzT;gdRaoRh5W=g*_~R2vMX$f$n{+pbZ@xG>fLf5{y*
zcDsJa3FL1leYn7%ped`$aW9zM+AOiI7?JeZ`{Yfe+a_amF@=W99X-&UBY5u`qe&R(
zkYoSS^iqJlP`x9A1dr$yZLIj=?D4?TCqA>m?>OqyRD5o9bka4XPFipu+Q8PiT%u#@
zr(YLfzuYKk;!E=hd4&dNd^Vtgzt3tU9AdwN!U4bLujxHJ`j>=N!1E73?#wM89A~@a
zoAG%SwrWzQHirh*bX-CJ+{yDgmjqh#?2e!+u--#j7O?t24RuT9aiT`4l4n(9yEIMz
zKJ;l0|wIAIQVxN{)Dc|XA0&n^I4ZG-Oo(``~-CyZDD!cg-&OjJD
zoZdtjun0sWM>lBf;p$kVV#8-@pih}rNK{SKoZ~6z9|xHv%`;LNm_jn4h!d2G@n&mC
zEp8Z|wd5{()QFOf@*fwvuk5d7YkG2bG7l0Na^IE+2tOvNn_Xbj7Y+h{u?rALY@f65
zt*lh;q17Da7N>D5d0ctOkCJ9K|IMp}Tl`U9(hK`
zYRyL=$_nJI1zzhqzi=5~QG)8}uaKWOEc@OyeOf$hMSsa*Pf2^xG=1yT)J$SJ#Fy3a
z&qIfQNo$7|5~?Um*y{`|!B%Q|c?k0+;UjU-H=
zaplrMc+n41Q8dqFoANti{~Bi@^;+A$ZJRY{(j4FemOFyShl7`HwpZ)v8;VH1A)_b^
zZr)U4=xL3`GyyH}B!fd7C1jddP+%z5udxtUe0}6vRY@;`O#nPEp-)W=vJBj74HPab
z$F-BFnU>@G0=B!Rky@*sP0(uvvmLBC-7}~oH+qK#}>t{Fn+6pY`
zHEEbgldh6^TpK*MEJcIwKuYUj*5B?|JKwDwYfPz;$m`5}DQs%KUD{Ur5Y7BPj_H7y
zeyWiZPCg38@O8@U%5aCQnJOsE`d=BdXYX<@z+<-H?!eE=6+R*{rv&9hhI@8=PIwVf
zd>76iNL^4X&(hd%Tu>X#Gnr#$Xjq-;mIe(NqY5o6T-SE>w(rVeO9*9|SlqEfbDw(C
z?mmBwLW{Dj-nL!3;sAbJeqrbxQl`&e7WC$RB9e^HdhrvDj=ooUg)SA_09ka*JMAN#u6+noy8m747LGEcnv8xM%~Hg&5nW5TB
zKo0f|y~SiO}KvUx}VMr~aHkUgI?7(}6XajLg8`CA;FtH>9)0i&ZI|v%c35+>
z8$`SpDs+FuzE-!}rlyvp$=7?C*4zu^Lv9@5lh0%DRP2#-`3Gu&z0ax%>2-F~uLkw}
z;_1S>Wr)YxMO3m|(W|@J<6&?jNWQX@NpPgXazof~t`o(3swp~r&<1`{2sZuYE!q&MHjD4VQpZh!9=#X8(>r0muY^j
zVtB$w|D#G){tm&!Wz;M^6re8&0)Xc2YW?=W+li1M{=|<)zD)LyH9nA}ZMqx8i|eU&
z?`xi1G~sLTxY_`x``}jm!kCY%sv}1-y7`N+svPeEvLBA=zj)XU$1Zkjz!N{*Nq@)j
z=;Mk%nSr*W#QSGHFsB`JFaTdg;9lsQ!x2*hbnG->2H#9ZIo9^rbB#@zb+
zH_o_G#GfA9Z+0*q)(+=(zR4at==B3c9-1Oi}JWjNP+b{ymXopf`860Cx{EAP9puwFm
z%Mk*!FlwpA!UhS0IWkts$ek|chA;`r6r1tkXD5OPIzem)bq?uhmk`J6iX6s#2YuTi
z{)7F#{S|eJ%NQd21)Y;I=LB7PVfu$%sNIBy(boFJK&d2Mn+bnS)Wg|MfQ2IXuXc>q
z%#HdOD3k8E^kl_v-eE>#0$~rEw(?XZDL$=z+mHSL7qLe2wf?%Md$ZXf%``;F==AK&
zOe@eN*KrA&VmK!~Hd8%im;mgP0u#dZI6B>7Xg83lqJ5g~BRAV={fRZRwfJPsMXnVn
zoHiqFhkFI*w7o&plTkPQ@Uc4agxLaMaa9k#VE>iTJVL9(Mh^^n%V2f&N^_uxb0&N#
z`$m)*RHv{UYuQ|{7GvJEYQ2$G>9)lpTH%%=&h@rAN>e*%Uc;pwT1+yOL&QNF$d@J+
zsz}$tV4D`g6em6^?w)l0w1mrGQTC;Q2J%vI#If6!=|m68PTKU-@Zx(sIvXuWf&$UY
z=)+mi+ZqU$@x9H>0w0+K=^#e+Ov^9PZT<%z%N9BZA#a~^Ap8(@=3r;a8Ti+W+VF#v
z)W{jq>7edGw;!MDuUWd{kKHzF!4s(2%dMThD8)(glaOoW4FCLFn>#7R^TdJWR|_SZ
z3HY%G5s!bo44g%B!afkQ3n~2xcR&B|XS*CJ
zadt|C(D+TfDXH2PHP~?yG*>Zp8?zP}#Q5aBp8ZjMp4hb>93P7z-KW9PUc$6n$Is6C3)-P`FiEceokZrKoo{!
zEdMO-l!=*}n{F$juF>kv4U5Dz$^`<5X|!=^?Ow`_p9u~6##<_t-EmWRlg+d%$6Rf$
zrE4}+4r{uYzOf=U`kfh9y+)UR|Dn9t(wZWh6=)i3sun);()W3gRZ+p{-P1nsujh|S
z%~fI=y*=iY2>S{%hZs2%mP_;A$u!wqUkw{7cP
zSgFfW*mM1>_odFt4bIHH7(5SVd4LUCFJuzC=W~{e-5djOXA^
z`&&0kj$Q)#*kgoixRaR8oUTR!R3?FvyYl9UW>*&2G)mdd1
zd_y*@>aKc~i31lsBj$);%hB5fAgToKhR2UjZ$=;Wc{n(tGZFgzg|yfC0#^fNA9*a@
z&AySxBvc{Bc-j(-LYvU(9vm
ze62U$&yU{;>RkQq!^HY0u=LBl89er3O4F89w8cy!#Ujq+HmmyblVTXwT8X$B83cl<
zml@3#S;O98Wqy8Mz^y|@zDd*{ZRVZ%)LkirA-4?W3dd8K1VfI9BI1Q@KtH0A7c`#3
zDEV$sKdz(73gf~PL&(n}3uFFI)PX3W=zhWNG4s?FoY0ug&d6*9HZPs=Q?4tX^%!5R
zKdgvi>fhZV`N^x}b?yR2uKv#P(=ocR#kH5$em!
zYr9kq>DZEP%?C%x1}ZB8_F9t$ubgB?zShh^^4sR5H^$Y9Yy8;??LRTv+&trMpCueVW)*;>PEzzb-ld4#!PJapzlBc3Cv5IpHjF{yOEqC(1`6k?UFHJFxb$VD~y#K
z`~RqVtEjf(uGifMCHP5F}XO
zN}-uF3U?2BCGX8-rzYt8vvb9KPeaXCBI&OFksfXbd%{-4`FJ7Zfqq4Ov4ay@|h=|_?=-6T|h-+1uOP$2yctd_;0dCfoD1DO|bblst
zHxCTXOIeQSI#;ADmeU|N6o+k!qwVxMq5auiu{l9{(2BW5d&OlOSF
zHKJYfx9q<*pD-E7DI(;&Hd+s`wD+3R@bUb+7*`&?8JG{Z498^)U%QqyxDN}$J47dO
zSaOYHU$2Ae9rA&m67kA|yE3#LT-8Aou$DU^ht-L-%L5sWuWz{WxXR3PY#YhFhtA8x
z(LU%lFYNoiO7UM(bd(bAUF|TmrwDWJ6;+n#T6!b`^!RtDu-!k7&HGHZyaG_KgU)N+
z$ItXTe*{!ZjYv)KNvw%>7(Rbi+(2NyrCd}-@x$!Wr0ZNL7?byPWO43d=o&L^?UzM?
z&I#Jc;`TE})Al@1oz?!7FIRpR<<(U@QS*?+8{5BeuNt)vnT2fA;P3w8@))hgzcW4t
zSOMMczy}-^$2{|>F9LuQM=(&3!0woYfY}f`$b6gz3OBCe@B{pUw%E*e8&|FgRBJ?C
z3`k77E-BWXv9|bB2KB4h+l&E6u$WVq(VhHRp&+xeQ5@<<^Z8>@^GOG&f2lb0>a70M
zjk_wuQOfrFD}ng>U{{Zy8SvbrvT@>?pOB%}R%^dmNXQ&8_99pzf+?0Syeg=FKIV9A
z)DfEcLU$me#y~o{3!u|dkswM~J$R0C-SzMnuiafaJm*p4);rwgVKQ*l+pj2sVzM@=
z$o*VG@(7h7p<%?ba!V>)?-|0m@*9&LlBA1iQIYiN3f6W>AVAXQzDAJc;VcdysZBw_
zN&KJdlNOqJZ}b3j&Alk>@^bQIo<`g!yWe|4`2_Hfg>|jnCHkpuTuwQ?qWv&%N|fCyVs!=N0U@UrAnnnfnXQm0Zt3ITejkGqGSuz6TMBzSgbSl5B@SB3Zm$k}2s;Ix|K
zu-N>|3inK}(ueJ0987A5j%%f#hTVjp3NZ5T5oX%$CRzMye_qyR3BUqpThe*`kK;0m
z%(Lqel8D=oK4p~PmFs_aFA@o8FgDGNHw&d=8*jUC>k{|rC*=Bh{$ad?gxl1kmh5g-
z3P&weeQokBJ~g}_H_7@b3M(L5)iqTA{e_#|B$t3OOm4FSyfvZ4rtFBK+M8d#XwW;Muz?;w@F;zXRrpgJO~f7P~C&8FKt+*es6F8DB^10b72v#w0A@
zVjbaVQw>we_^DH_Ux6e)^7W|Hj=o|!xOC3VvR+j^UTv2bN*Q6zJi)
z3UKK8Yx(q;Z+@1eEn>>A1cj$dQ$z;o>H)!s3&r;R{D2#^8K$B~YaJQ9(BOUM>%>N_
zI*P7Beye3IOhO7a@~`1&Xk&sCCmWSetXALKCtYUzRFE?F7o!u{YLc0#p?TorY(IDwtk(;F%yxx3^zfp>b>M<~+-qVA=l8-Vj&^b+9>+@+0k-8;B=K+I7T
zq>;T&=uoIqWqPe0xS%?Dp9~)-a!rsz#a4PZa%g9PeFnd~^k2OBWjgzrBHj`e4-if(
zFgBD4H&M&-%es*cB0X5#$+{j-{zI8;6^Em+%W3PU?hp1nrk=W_@l*3uU+(fMZc=4f
zs$KWa^xnS1lxiy~8mNbkZunvTttiX2ZyW)>gf@ra?%6!^8|t(=l!bH2WcRSYF55SB
zE9v6C`3_LYxt2JB;O;jDYj^UMDx{r)S}BX?KabHO-s-uo(VFJ_cMTY1owSd2azGyh
zSMQR$4PRG0=KDPcU8D!|msJ!}VSp9E@y}z`J3dG~s!w#rj`a>OtW74@`-GmW;3{{o
z<7wFUmn8i20dAl0PHQVd`{}Yyl!4NMo}o*3CVY$7`VZ0rPy_c02Lw@`4Ks*dKlLF(
z1=l+4eGo13F;-0nf*iT!1`%JFRzM;fG2F{RCu&kyUC=&4xZAg(IzTe*bY1h2KJG>q
z9n0}0?lfuSdieD>+D1>stJq6m-byTUg)oS?ugr2Gjlpn*
z%_}TvMD|RSO%`V_$h-{iaNGlI~5aEb={EusdY5#2^CltQszEMbm5p`#m)4!Lz~HE;mbAX0%=K
z@O`Y#e8@mxt^5Ad@fay=cZYD9J`19x!zua~HOz+pqs2TIY`y+PPmr(-XhW(Du7
zU~M02k+&w89h=v5Noa$SR>QYX@Q3=fX+847ecT!^{f(>;Ik-iFD>n=0
z#os}~CwW2pHKQ1ZwO&)A`#msXrAZ%;;7ic1I~V*opqxT)sNbpcIIpnXd*P)zx1x(h
zuu02FVMqe&(#hL3K%$OLfGsOh!+T#^^NZT}N#E^4J$}|Ih|SBuTVh#30EP@F3eoek
zFQ|!APT+7=-|AMR$j~fEZ1m+Jx#KMbne)ZvSIr=fj
z{0FCn`-=!DMlQ*8@#Vq{)=L2~tgWfXV&peS4&9U!`^%D+R8ZE@(W>8R2m$t8knhDr
zz*S*@3?4i&vLoU((^)=uJh{iN%9Qi7&-OckC+(xhVNs%`8$iHgZy-;Y1gQ8s{gE|3
z;0yG-SPBm?peY=?&;66^>q|UOI?o%CvzX7`b$Px=S*5p5N^wr4g~9v5-L!?b9nd_{
zkhQYG$diZn;ITNN=YOnH#^kCpU}9zEG)=Zu|8bv@lm$zSgrdv1bL?50jA_EvmCC?7rz=Xh3X_goK;f2JurkI&>i
z6cw=OS{EBBe58S2TQb`p^p2g3FH5Z09??s#`QSsu!Pi|8s0pC)88m^#V9OV+WpQ)!
zJ4qcX(cK5?<`2(fKPIwHFY|DPu@C
z0F3QF#YN)kCu5UOy+P{)&Z{$^J?lBXDS&s1`v-g&f9Q$R=rKDZ`^MghQ=twkZw*JY
ziZR%7u`|fjwvWSbnwBi``_M|<>SgGA*{+Ag3*(X~?t}OBoUDhq<^EE^#b93BNe^P6
zTJZpmaoV1Iv##HTr`M;FTBT3iJSWEbopAmKq9e8|suH#)_XmTV`$0xTo-d!B_|E#)
zlIUo{K3PwaUG~@Kw+KJqkY#%VcPUTqhuV?Lf5#M{D$PD8FiiqHWr>gQf$%*K?~s?2
zcno7@?$CXFJ%mtyKo-T%h5W}SBgXTgVz^KI$55K=*xu=*pX`5SH#HG%PtYd4JKq%p
zbvLr(i7T~hMrC=<(~@8Aq^u3JRO&KQ4@SCKM_r!5-W4-#HyRS!I;;VA4y~qYiIv09
z0Lo;@?t+&4-M&W^lj;8MvXofHBJ1X#_7||lV6m*ukA_B$iA8r_QSOjl3%CUS=X%{e
zJ3R7R{>n7^X==lf36BwH<*EFQ_EIrEpH@vlXGbZ2Zlbp9Y`r_rLz?$$`OmpWC8Ogk
z3&iuJE@rl=dS)_D679P?>+yi_bnS{G)OYd(Dp2&qmLp=L`f$}-V|(r5+K7aTS7vzJ
zTTArq_P&SJh-%6ONNu6}ZmJa8FfI3u=brGj-Id0Qt%c$nm}87IZkuaSIKEaIODBKo
z7jHT4{fGFmm%Jo>clo)+@2WNStr6b_rREbs0=ww37Tvwh~
zFWueS{WUj;^mWi$@1`q2db$y+ijp#x`Ke&0x0u_#kK3>IuaF^!8IlMH?a}F0f=lS|
zuj#QdkDJqJQr6+>s*Ms#(1xwD07G#p-wwH0p5Kx2bidwEvfozwtafCkeRO}NESeHp
zp){JHcq)wD-9q@cK@=8l=XAH&Wm%*Pc
zdSAeYq~Kucf3kE*?sc+$inDDn4Q78K3FIF*jC5a~sFqBB>0GzX`s@9LV%uG5fE;6*
znBCLRr@d_ih}2L6ADoUIR%uK#s^&8Z41R9D--(iWdS%9FG*_U|eIr+~W%6(nv8)d<
z(2#zpIRKJ{zs^*^W5{ZqFCVjK+{8pR7rZx56cia3`emd61j+W5M$k{MEA{{IsH<0N
zy8-(DvLKM^{Z|Fe#Pg$=aDo3cTDkXFs281_4|#!MKspfC6HNSKVB%9jCUvpHmedP`
z!Vp!&gen(4vKGjGGyI~i=PI^6k2~i&85uf%MqXJs=}i%`)mA59ApBaDh;>ssR&1)8
zR`wZLI;LVTo^zPJ@I!4y-jaCu*0LonV56OSK3lcTk=h5Z>xPa$F(W8O;nlHAxHmcw
z;Su`lB}=XwX1kx@4^1dv;ZOBdkuyulI1G-6=$@2EU;h=}KOGa}Ak!{Wx^4s}f%qGP
zak_(7%QtAncgp<$+Snty^QPBqQFbiB|wR|KlMGy!bWhsV69Q2aY-n%?;_BwN(TR8o_5f{hdoAQQARhP
zp3K}4z3QY}8kni9z*A^6C)cxGYgaGh(mbixhZPOFvfj?YEt5-0NbV*PK^1^>i~@Q}
z3Litnc(b7=QolEBAl
zP>{H1S|Z1x)Av_-zdv<7XQtMvwtw!-9y4*rQlS#m{gzMYB+YdL%qi)});$$Kt|nzu
zDoxYs#QR}Hj-LV5ld+FB3_~{Xf3G59S-m=e)hu@B=TH)JGR%)ywy_{5G)O|+=jbdc
z^1lh+h{~X-aXhiYEoUneg(IARKU(%xKz9Zly+P?{-T0MA4Q^!!lYd%OZ%1$|44HTS
z)$J}O$gAoHa3qwIc>3Rzk=J!egRyDCws6~1xUCDeMUkmA!2G-76sN0A=;uh80;k(;
zV8X<^Ok>xTG@&6^&#b1*tcTxI9d4bxj;l@WZ-w^E+7Z(Mnu9@|?uhx96pX1KtwZt2
zyZ+$mVZZLG>pD-hwDIh%huyKzdJ+(T5ZsZOV%EWTQMMcErYtffc+%1x@KS|b69TMf
zi!nB}BO6d-9)bUSQw-T8uEO@?6bL9Ip_YI{)UF|DykR?*7({l?A*qJnJexu8M?9tirC4n)j+UNJB^lF3;%Dazr
z3}}4WkK7pKHQ*%^1P@{!UE`9&
zuqC(E(LCj5i<>9=WO!WCpd|W7m}3A=MbfV;{rf34MFo%jHvY5ZYcweLR^Ig)uR@mE
zy}pH#iu&rk8veUv?1}@?QRu#AmwS`6*1??5^+Wa6{93-HjiFcWD9yXuFD0$xo_*t0
zdPS?>IiQg4)znSo7kIjUTLK7*(Zb$_jTmVHco74F|xO0P#P?|u|mZ%
zT)I`G0H~d`
zK_lVpl9xSG<);+Tel1ob;b12WajG;*@@26{EonaF_h&PS?oAzre`f_Tm^LtL(6b
zh(Mk6BsF^a9XH%7rhUd21MS30FU)`Gu572ZB@DNP(e)apW4v}WI6P@#ijkk=x8E3Z
z*nrB5_8D}0KMucqC7>6YOA#^i0_h|+e1Sxu{^@JU;jvs*~WP)lU-32kJhnkW->Md8^;*`
zAWXX*=$cT(0*2Tp)ec`KydVngjuLzjWdXE$?`v7iGK8vHSgg2Y<*Hv9^1@?Cg67wk
z?p3-wzrG^Z?+0OH&@|DHK9Y<5`X(ab21YI@%T>TOCS}WXUcX4>wBW;I1DviBr~a;N
za$j2-Pv<0H>ok;PyH|u=-l^w_w5Q$sJzxez^vU+!_!((oOOeW^luqWH-sFgTW5!}_
zlCsR(D$;|HPan3fbSJ+wnkLxu69rCzgQW+j`VH57)*+Q^v|XBb2DsCr9I!}nWRR@c
zrX-=#`rzT=WknfEdjS3QC!eDGn0{wL^m7-lwYzo(LNFm;D2?qf+e#R%*9>-a4p~c8
zy{E1>lRxx6XxBVt6JY&YORU`3ITvfEdt|#<>=Q&I2(7pLChgEzugkt}
zhPxH7X29-^oQ;={W1F~Xw3~rV5(YFRiM8}3F-f1k!S)*%KcW54g+&`Ql-bJsQ3fyg
zho(?+<{jz_zX*cd$yiB11J5n?QaVxFdqV1S=d!q#`2OP3qod|;4$
zrMSt1+7kW^P1cx?Yvgf`7els2{B75avBq{LFYl0rwB(v|M!UtJ%v)1Ec&#?Vwrd5W
zB*N!*Ki_A-E~H=P88zg$Or69O#|e%2gRG^%mFGcFr?}8u9*1c*XY-;cWZg^-3gvTYfDGZuu)kkG_~p|7_{R9%Y@H!j
zXtf9F`hEOfL=p9F>rI?>{EZ{&?o>Y$dsMY$l7Xr1IjOe+9BKu(bZ%2I1~9)n#@?E1
zbQe8+#h(^_-(_70W#^H2)d9KH5RJ6_+myVBCGf&KtVI?mJ=hEL#l0${Q_
z5J4u_URGl6ixXg@iB})W&=W!HTB8>*Yr#-zQ1e^zdS?jfb<*r`qhk_fOmEAuiKMUOzwYsB&9oMpW1of}FN*ET4@BP+PuH=2;{;M+YG5aXK;KT>Kf_`I
z0m6(YAjg95gwR*mIFXLoNh5D9H&k=y8ODR}Q0oM5Z(6`Olnwf
z=2aDVa_d*IO
zXZWfm?zuLzV)Au97Vh?h7kbf87KVlf;j$hnJtv!F^=@NxYw1R#8la|=T5r|DvjeHbHuS@2hemaikW
zurH~yt(hdo)+~FGlZR*~pwEax(DygLa@ePD=J`s|UnR%V3>Y?h@X-evWceYjKFnv@
z`+DT^>57yS^W_{3n7EyQG{;2B5RhZneXx-eb#T@#{Beg%gopyMBa|*8g&NZf0DFJy
za64uy%kyvHiS4J`cNbb?dv4!_8zs_-2>-EKv
z)%e8GDQZw0?@eb)Y;GzPJ+p)XB@dP~omrbXZ;e2K9wuD3G`
zleBnvi*>pTl9g4OLwz^L_Yvv+$ADZC2I`X#7}FbPAJcldIIVc3PwUI$bdrZ$VDf6*
zn|>U+#3z*Qoywv>e{7HkTQ+SJxT#H3X96ajI@U3zp8L4C=6H4&S|>N>6+&VmLa`(=
zG(KHOj$DwF3BchMQTqMnhDv8+28@68QRHX0h`Va*q^G6&i|;o*KU%_l8-iDEFK$|m
za)@nMxz)Q-1?=W!!RCVsi*fUwc2~|Uza&{F(z$fmz)DXV;?$F^Wdu4M;CKJTELYGq
zYgq-5^SX6GIN#0T>euG~`AGG*DCPzhz3>Z~X(2uHwOwF%z4kn)jBQYD!o!cBp(zHs
zsQo1bXt_F^1N$zS+e-dh4{+}MBh%KQ{BarN{SEv*%F{p0pjgYFOD)0N?}0$MxS9F$
zX`O3EU~4x-K7ePX4>w7G?Vu*_vbwPEU2dl+G@vd~dURfqyQ2R?#XYB@!uPbt?b)o=
zGlaTzcj378tJiyFZ%KS4i=8tQQP-(T$3LLkj-D^RzpvT<#?VN=nt!`p`2S}C97lS#
ze*4!vlC3}cJK`cN`>^_YD^A3|(9-^s=!fo^N!~fL$un47L*L&%zo+=?`HurQqw-Nj~;Y`YWffBCa0I2f-Y5ml_WZEVlB
z@Uz@Ty&VOUQXgH!V61>$h|#(AX2ClPYTzG+_G*EsFHikc{U3TCR4EcrE$Hm_30~P!
z$$gvB?ZO@bRKyz5)U4
zF6Bt(TD)8>4<|acgR^8a3tdVn<+|=+t~}IKw)A)oQ~5%={wna>3A
z@W@^wndWJFFUF!eC->2-1iy6>_JNZ?@|bC@;p{X`-5)@~W-G3JeAXj``*NUD(%qGv
z0}o7qJo9HT8QqcYU~R8c5CBgu`T;x7t3X++)uEYY&-&40
zK9g5q80h|RbIN>k`7<}l>tJ)R#C&|wd{%uC^FeX&ZpY8@B%$YrRb;s5IC(7>d{hQH
zro>k|R?i?Kr+J;8lBdBNqLjf+GejGUmG5
zOnd)Md#`rc85WeY-t+_*7*w$2A01SYp7cTkN5S!Y;b^SSn}gw_Wchwpm1rShi}s*w
z_X!d>uYr-SkmneJOJ%yw6PMq0IAK^BWyJk-L)T*Z7pH*jLUIRFcIS7n
z&D^`(+_|eW5V$(qkxxJjC(X=(z0XuSV1srFEQTA=j>5jeAmQ1XcU?sgC`;hkWB$jPio
zVOEUnv=Lf!%Qj`K*W3XHAQs9RJ^Ow8t4&(_uFs!d_l`AdVjcbzFhd_;9in%lc>5g&
z-}_!URWF^h|KOJHqn`MLjuy_yYRkdX!mw~ygG3Gqs0n$((YVP!oLY%pElJvve
zjeUtU=Lg+CrA}3K(;rev8>P}bAjIQjFPSC^VrAZMOBkA`f%U`3bd(l529G1sG-^PV
zCaq0zE2o9>b+`M13XO|%>0IfMLrcR0a-2^exy@%=VV61i7#kiYIDSOq9|=#2nVI}fvcW=aE8tN$Zm{OJjI*m8x%AD+TWe7TG526yGy~TuQ2=+XEkwUmZ
ztlxR_nsuo99hTVX<6f!cUu4&|Um(~!ckH7zt
z-|je1%VZ<-@4n_l*i7iSzxHnE=i`O4e4f__3+x4tG7^{iV*#ExA%!TfPp%h=ale#P
zyU3Ecig=P--nYoMc)(6W>&zdQ@<*YLy>p)a1G~|tGP&fhJ^IzkqYwvW{muIBmQ;`gTO`#bz-#{T>_nenm+%iniX$5LD)Oh
zn$+S`!1isMj%@cmJ_e`$yW_>0v}bXT-u(%Z6UVit7jGWEJ#uKq6D0Rvi#`=F#+M${
zqyO1r`&G=xwiUg8+9;y8YPK9NGH5S`0o*5>$X6{i>0fwsofhLA!~$7dP{f0xB)zzse=LG`j0*7jDQrri)W5c`r^_?-9}{Y$_C~mQ98KiDJop
z#}(^03sp@YCFHy8qmF*w`=EnN(Q7WW2N6u|opSz30rG^C!kz6`-IQDBFHM9i?UKjX
z0#=ewoawhJbrLP<;?)$tht-YD{
z2Ke)oZ_4($zutbcU@*rf-tQ(Vk|uZ4Lm~^wuJJmQRO+sr2@Tfh3Xbo7-crqVaB{(+eVncfJWnbG3Lj1BB@hpp1?!)?}aBtc~-l|By-Pa6guj-#&gq
zdU1C;|B@#>+QeL%ZPsglkPFwj3clyzjQdmGcYGV|kX>l}B7VN!MSB%s{~L2IThM`f
zLm`oCtjVen5Wt*dFHQk+`Svk_rnfiGuy7wA5huadgCpX0z<7F1h!%p1{iUKE#3V+t
zD&c`#+kw7;HE)H&>yr)#aweS)y
zSmcKwMg^q1cBDUys{m#$8O-744Q%-QZOHG5|C&fSNl-P(O`IcE#bk~`m#>&BR|i?g0a-Co_(W2*kA3#9>XtfMQ>hM71s)NlBHKNhlQ5~AzQg&
zJXRAazPR4bUbFGNxIMLND*ov2-@Rlr92EcUWz5N1^iZa19jftmjy>Jz(6>B9mE~AJ
z+5E;L{Hrc~*FC010ZMK-W7n4!I9<)4Obgw4HI7J&y~fkbpE>15YaDxSceMyZdPC0C
zdWeV_UxIWn_8{8l$RJtc{Mny#Z#Ab!2TIwl%!$xYei}Y>JVbDYZp=R^d?mbc
z39FesJo)>Fu^*pg%}sJ%$z%)Ib1r&XZ%mi?=`!}gw>p}u6m)#K;3}r5?AXSeOi@-W
z2K!OwpjCkq`0^V+K-bgJ<&-g*o^Q!T@}^z63HvL}v~W>tLqfg<22HvuY4`s8j94pG
z8@Cn5oiAMqy8D&GvMN+_fqpdt5orBapI-SXX&?o)v;oG
zo@GA_1MZ@LG{v&}vSd!dLMpq>-D9c03lGr8kPktav5x&f~y
znNjZ-tv+y^v+Y0*HCxtYd1lL{eb{F>FvdNI=6!emLpZH_H6EqdyjfJ%8)z3I+Hob|
z?oNg|o{KlMai}KoT4Z#LbUbI0p-Hbn7TSaU)`DuWE(VfVZ{66~2+6tRa=uCMyLXNo
z*V}xIZ{c+xV`LfqmZ4X1`rGVRAh6ku38-QJ@jBKu7k{oy!Flmj18h7wOflA4&((7`
zlJNt-;?1?tlR^9p`Q*9pX1bsV`g1xM30OH#OU(i`4Ur_wb@%i8Kan_o$0{|r@zooSN3M0WPH$)NPPC}oQ7Sp(E^7i�a>P
zJUCkt^ESlp>a@@;jxj^us~h+*LMzw%Ehp~5*nFv$y0KxGdP#nLj8=s8Tp>_ZiIYbH
z&L&O2>P-)7)TCzf$`4e6i@=k1k=#$6E
zav=>qAe>pC_tif|F(tM5xJ&=Mk~|Z%aNb*sw)=aqh&z{zN1FHF<4bwV;<7`lyKeggdzC3>%Mt~T%D1a01+?C-oAWLzkbgZivLm1YH135VrrPr)0zrnx%1@eQo{x2E!S&j}QapG^rFb&jNQDXn=33
z8yWIQ`f-EO3J2pGt3J!O)%Lr{0;bPk%CQ}HjW#o$-P@molH5*sgB2Y@(Nbl#2pJB)^oMa{{Q@6n>#;SBaYtIn{5
zL{~XFVMg}c!&Lhx`aR9&_V62zmeTf!hM;2b;PF8k|HHJU?>aVpVVh!c&p54!sPrhx
zj90;^pF+d1g(9&B1LcuXw&Z}ffXDB{>`|R|?Ua?pD#gRYpLVW*Q-roe|9bpbWKbJR
z-U1od_uZz^j;b4q7)A+Idt5P(csc`SHW|cHOc&R}GLUY_!}euD?lr91S9kj}`srh|
ztpnaTJknT3RL{an?^L;>8Wxexum(kju8YDe;uNSj?YlrJ&1Z(kmwhi|N4cvuGOde3f9;Ul%z59@XY^S9FvfbiU1h{8`y|_OHAH℞p;J05lzdHHS
zzZv{9hISglAg*+1(j=!;Y>ZFonDeP^`Y4**9SAecAmnW`v8TC#VwT&5!>!#4&B`xL
z?|JHog+yQ{CRLn~qw6)}`Ax;jo{nZ+i;{>?IdiuDFk{KbuLcjs_62?$yxif_
z#1|`6Nj0T2+pzO4-skDCaxF$s6;`sJpALF*D~s}5R@rGXbX|9Z0F@*Y)hW@5(Fe%8
zKDzzga%r0qZiH=s>ToO!Zr|y5UeER)&Sw3{{1>;V*MU^~FH>KNeZXxRj6INKqrHqgFPQm0RtXzI$IC
znZ~l)8MyL0v{AnWg0{73g!a@XMY#(sR?{gH+VpL_AK9=s*
z0e=>R#$=$q*0F9*T!KsF`~M*`JKXK9<3obcPv8+qN1pGnif`GOYiZUAzgN8uCEpJg
zG_lZc-6YB?+35~tLaI)aJSLfZKBXOl2!V1>^4pO>de8pO;cKCFX0TG8l}W4VB8OfE
z0hMzs-dtv@#`%xRNDkeOBbiOX)
zdz3MQCLVG*x8r}hia(d07e)V8s<1EY4u$-rZ<-43*WwlDYhBevy
z1gD4O=CjMaDUv2)&)1(Gkc|WgBJNk)Z-ig#NhN5-%97(-x~ZLT+@TN7IQPVU{`orAv4`mxkhv5IsColUem*nnUb)p4m=AuxFf@O{a`wO-k3#c
z9{X^l`sxjOILG9bpQz1M)ZWuq|27#zA9K5`>axnltK}U<{-u|Q-^kcMIg81hQa;2!
zCG^XIRGh?<*$A#e(#C@-vjQtpzQ}6Hj|40>+hoE^D2o&{q3YawVf#sg@xpT5{&6nx
z)X$S-XvGV#zc2l;&Q?-v@9WxF9G@>G%?8@)COWC2yO319$e5&OPlI&y))Xo7b*4vi
zc8Y`+Tr%eB+^?GL3{m`Qbp4;n?l!xHejE^YaWw*u$E*a@8h{PX8_2|#v5a~{NDcbE
zB+J1MmnKco?6>y9zi!tT5f0=3#tc^;5J-NhV?qUrB1M2p{?`Do1N~8+8b`JCU9LGb
z5_9GNN-OTtG%39qH6ia&SxAScYxfuL_no!$Zp$`6^ny+ETZ{PRJOeBO1f6w^#yk9t
zXxoyBo3%V3GjHtL+LO%mC-j)tC=Q0Q1n4p=d=tcT%%zWU8}{IEff9Pb)^d!@FFqJT
z6KOeX_lLSA3r#EEf(wJHSG75S3zL4uItwL^DK^PTIyP?uXV6TgVE;iXVeZ28;!MiP
z$WfxP+Tb5|*7^;v%WGRTcaCP;PJE-aq9^$|(f%A&Z#61;j7M0evQ5#_s>}PYYs>p@
zs9EKWmeew4#z@Yk66!6mqP*>6HnIDBB;~OtBe{L!Z6oYVmNGj)ElE;;u`!EB>!l
zi|hteaAuT05gTKotjX%g2e2}6FKZikUH`F!j2%1h$_ca`4%1@l@D%K(D@pnrT8?Do
zmOvDD_B-++V{=)r;OjnRdakD*!l{lH3#H2F%=yQj?#gH@XT81Dq)^*nzOV+YUAbIs
zJae;SL3_xNtt0OO+(hUb78RRI+?V!Y5m&rCW&`i7_raDhXy)GB_8O*8N!GS>`IsD3Q`R-F;Q&1;%r=-wO6&xwil!`1*;mm#B-_tH`L$)!NCSSr3vS|<`;nbQv);zR%PpHaV
zNwsgh*UqPt_VG4k?YdPG+u~#A3u!KB??WliSYNmALBZfezNYw+P1l0uGra!c+@*%W
zQE!^cp=**HHxPPfY*F$>`|>J<5O*~uL+w9ZF|h+xEaz1B=1+i1W53fs-(O(9i1(JySLNQrA-zg7{26xoEyKV*&;C5pxZ5OjFRTe^
zOIT$A5+*MZ0D}}a0qjo!6sOOjuax)#3h(H|?*qW)#!_A{hII)gJrmX*J4Is)X{G=t
z6%)`ex{>)X)sUiRR61iEBE
zqdR;s-x@rWNsOnJUSau?yi@ygKKq*sV9mpNy6O7>^RkQMJM&}I5I5Ti+~Nh-sm|q-
zfd|N0@AD`#J20nWnBGAuNE>L8`rTA$vlDk(3p
z4P23A|Gt^%TBJ@HZ&EUxFs~1tKHgBS;5x1#TE|B?3#WW`gzLe
zFMMhmLRq3{;_MocvoQY|Cg%cswNhk@tic`xd>~tghb~r^Y7}c-cDgSCZ^dx>{-TVi
z{x_W{OGks&02kRA6^NRBLpm(DU;)coh|l*M=(O@oHFvV
zvrR3MP3Xwb1HgW|9+>sw5^hlxuQvsCEdg!EXBJqF_)6uU`$t3qv#mZ;z}&bohEX%$
zyFL2_WMEwp0z-C^wzrp83q+?i4ZVj|B4tErfPiP8XGwgx(-Msr5@1w`dz+U;HY`Cg
zwB)y;wGMD$_5uC5XFL>GzqIZ*iJVxPIE3Z
zVx><+AR|{{0uN;S+f!rkQG#Q~z1S~8$}YJ8g0u=opYuFr7i;x*>!X=-P2^B1|
zIb*%YzC3FjIfHty0v;un#BIm74LU$UKArjz#sqo)aNkV0*ET=``ME=b{{2OkbWDGk
zrWc(!?6T}O3dg@TfoEJppKcyj9u}#%Ds=A>#Pf05WSEtH(GiNDb2V_RO}heCOg?Bn
zZOlrj{7p9+~GNbHJu8#CN}y5tKBfF_syj$I6fUU%)0h+eJyLQxO9
zjFBgwIu1?r;Tiu|8;9o(AuDwa8%hm5j_dZ5i~nqq+5~+a%-cTZT4z)1Qv4!6z{=35
z%Zq09acznA^g;zu+xNhqGvqxTAu5q~s>&R&&uCb7c0Bke2SAcmeY>z|-{ap5(E@dd
zJ64Z-!rUcI8LlfHz5NRb+GsrU>3-*RP9kq5=;FD}qf@xcJGW}9aQ_ew4@`i~IIH!^P*zeS{8q5Cr{4j^a
zfBCo#v4?H1q3w|NRmGmaIp3Y|rMMc<(C%38tdsP*Hu$&~m)po$*3^4Eg?k3&LNLl0
z3mb|hwl5V6j((>J8^aZTNSWuI$H^VwY%0*nEw29|t=?@c~Ja&uuf
zMVnAgzy<_zvk)!5r<0(o{d*eEFF
z%OsbyvvbJV2rT7F4<4m)o3G<5au!u?#Z)h-JQ>
z!x_u63P`U4_*qiD;J4+
z%&hS1`{1y`4^RAw`k^0;tY3GC+f*E8t4nZj8)Qf$v6mX05gi4nW1g@WCVTV=Gl#Vw
z9yV6EcQVj4I6Is&#DAnu2)un;doC!#c+lmzV;^%{@Na4m9bwYz^l(1NxnhkrZHmsjj9
z{5UEH-P!B5j@@6|npII2Gs_VXFsXw@xjn*+4ZksN!0nq{|AR{Dtc(M}hq&bt)v=Tm
z7A-;+M*CLfrDn+v>pr6IvJ1Gwgz90DVEgsy7QMXt6R7EbPX3y*TdUQ|s^{m`HfO)~
z!EDChAn++8vH8^)uqV7=RK56ES;@k{n%zg&o!aSOl}>+sq)ZmL`W{LDCQYm*a)Gwz
z-IjjTaEAOUlZOslQw|p>TiCG@kuxekvY;ptuTz$OkLajKt|a?E?7e4LlijjE3`h|W
zkuFkIkQz{mARUn|MIiJ5O79({1PCZ9y@p<-_ue}qQUcNwdXY{b^cu>WXYX^)eth;m
z=YQ?@^Zt_S&V42KJ!{s?S~Ig|eseFF{!obK2Y9gGfX@)gLo%9U+DciNW~8!a&l&aN
zVqLx<=m7eq=eNUdDKCt1n%T1QJ~hdjEcBOOSW}d^?}n4i_QL69Mn18@FP1;oSz@js
zW^7K!?)3^O&v(LlQblikxk!>?uL3K5e~W+rcdp`FLM_tfPofIUcd!RO(|c{-KX3P!
z$b5zYcAxNJ?XhdZ#DP*kPT8Mn2Y-i9!5r-r*x+I^6>Yp8+vXXpuT$k#)HV}s}rnU8VQT)w~_#XxXW3Wi@idM{(BVLlyyETNp
z*w<22Q;yWl#FQJuFjz~h-QC?}W6o@UrJscuLZK=mb63Ei~
z_01Q(f11V5s+oF+)T8A$CVfSkJ-!RvMm18}nBDnGD(}ybIsdqZa7qOP;{X>QRet`T
z0sp@*7HJ?-SYGWerV{_}-~P93Vt%Qpf_axB*h^RVw^PM`Q1chz|J&ES1PuExSNmpv
zGyVQlr1CHBGZ$jijJc4Plvw^>&*{G;`CO{?=Vgu2>+|1{~vsbNybcV%*8>4)4!(VPondWA1v}>IDQ6;
zZTxLv{c~*epRc7fC^ElFX&5t7NBkS)U9w8aVEcRV3H=+=s$heeT7@lG*SCLzynuEL
z#}|3k*5v*TY5k8f{awBOqfCF-u>UC2-}U}K%JiR|>9?))KReUk*zup8>AyDD|9@s4
zWITrl6iAd1{YJA2DHw(E#4#m{%A=#B4sCawx6~q>tqiO
zPPF=pa&qz%X6sCR&p
z*y;djgRt56`D}}w-Q+B&at0s8c67=x^YY5OcL%3oZ@ks^36(^*Qxh?6=5
z_YP!SfP`4%-P5RQ+vb&(Z3QJh-@5G#7zT)->-uYF^s4jk+a%H{04ZIg5^$?SMsg2X!{ZYThMnjwxIBILA;QXeNl6s8|=zMNB
z<)4tvS@Y>iKFIRXpWlP|7YjD>i)8eAK~2ljBg!Rw=BMPnQ)#n2mz*S&YOjBn+j|t)
zzM6|OIDr^sTUVA)W`_n6A*{!cZ-Fgl91md9I4t)*Vxe?q>+j9>G-SleVlo(t&NyKAhvlC5=bs5Fm&1#pdNe!f$eQmj~ypu0sgFO>l28nma~M
zbcXVy98RB$tnOX%&yiShUAJj4;eA)%7c5U|0mK=AFH3Yh2s3-qrGD7XKiq-8`3S(s
z4s2WYfF$u_q>zA)8RF*-aJRqW`(J*gsNCUax|s5qwuQ*#hohWa-V)v_IR@|`(}ujl
z2+v89El3Aj!ho}$fz`mL!0>^X=&28;0SYSpu2)5i9G*J#IOkI
zQ*rmgF$eaauTBbHlVg(OlEw^jHO!$O*PmdMvr9sLW#RM`2eg*MG7P#SYs?p`bANHe
zVr8moKOKxieoGa{2pJ16Ndkr+YxlV{f_+u>(B=@{A14LaW9SUYmkRKW;)!8GnR
z*bejjl5ju}K+_z$Y9d~5?pWU4*$+9!aPl9HF*f;L#vkKYl;m7f`0dGme#<{!12g^z
z>s$+(k^F_FcP((xch~x>Q7ldY6a@q5X1*bCfHB-fClZk}yYZg+cOGFnwh2(O!#)`N
zA=GFtWSpXvHv@2EpD1o!hTQU5mhKQrQ=uZ2x8Zuw$BYfZ`h-^u=G
zANfyr;{G77>UG2KU?Bh3hypNkjNyZ@2`_-_-*IBi33H%x-vNIabDt73006R?C<6%E
zm?_w7bxx%5a&yPE`W&)&o;q-__o~5_zq|ZJ@%|xpQlk{Y4RX}6*De(SzdiY0x>Q<|
zd#=Zh$PxwpqL0b_=wy8ZK7LymYEIOA{bYyWeYl?Z|H@s3JAZ_Fg1KB-e-l4r!g1SS
zbsKnz`2jaKdsJ4|OAa2MlVke6biL!P3079waJ6YM8ZSlK~bcVvWlW`EDm_%m^p_b`v+j!O*w?Qxut0B=OX
z16ta(0a@9P@#=vq61nC$awf8vh2fuN{O@-@hhwzk-ST&>KR=#DodZ`xQ*+R3Qzetz
z5B8mpGbQldR^jE#d@zn4K}NA(*4n1$}%YfKETQ_S}!9s{ik(65WRAbFq=-1G{-$r*#`V$&ad
zOlNkO7v7c;N&Dwbl%5%PLrLgync89t2FV(3KYfu=DId{ZX85qY?J~88
z(E+pJ3lHCx+V`KwOGvh9y*SV%1YVoApWDto-{!wP6lUxXdKlYA=b5?m7W`M)W9GqV
z?Pp@0?JsnK4%|VcqJ~XwyO@59fRy^)*(rYW>G8q`n(>c2-%2|Z5Yl(xCJS0~H#Yj1
z^^}1Wfv~tZO6!r5FLskPiYF+5LQz%a(?169RB_K__vtm4iYVkPiS^fKOu8^pai;S3
zbCW2nZj*v6!;@Wu
zf=O0-v*nd`{cf3E>KOO(Dnnn1KcOWTc++hWY7w66*Xpg&?2)HctUbssQg6S&gXz5l
zUFFhYlX=EfdS_?4CN6?uI^|F;NkqlP<>br=nm*U8pxJs?79C8s_vlZGS559JSC&7MxM0wmruJcZF*VF;u=0I5GCFPx8!?#S
zFD~(LNBG^thSmF}P_6up%n22ZvNSfykF0O+0xNJcKPboHNM_!r
zclfze|FvUk-H2Pyed|MM0^$!~9YdmtAo`VGu=41OW4gp+Bk)Dvn3{wge1A9bjcJa`
zOvmZBs$6BWSww~?xgGf!;rL(@@#b2_t~U3nK<#@xG1
z3!&FUB5+4~#$zYPHZpxQ$6B+{pu8;A8$QK{g7KRFs9^$gN4M*BGA|BagLBM7EzJ4K
z()5(~5Jj@C*(^66qm-B$WbRm$$>cC5@1`&oIHOf7r{A>l`6d`=P^&W?DC!hZG*APr
zqlIx+Ys&%4lp6bu%D*dM5!5?OJ+i)o_h5q`1MZt?*HBKwV-x}miNxJP3__EqQKwY9
zv9-w983la&cZD1iW{yT}cJobx@Rs?dmw6qYkV^{ET6?ld^7JBoD;JPehLzBd4LL!?kJ#8
zje8tSU`YQ?>L`hgF=0sJS^>Hxf`K0F7U?p>WUN_K9Cce}M3+n6%o2(^jaT+4l}mu%
ziOpQA1SeVcFoMmZqOmMs+mnsTbp@mBj*f*~D(rrdq9<0%_9i#b7|X|yB3YB;pB
z6Xmw=S53tl>i@MQ@W@(=v6u_
z?l?+9QDU(wjh}XNFnx_hCJbA><4su>?ZPTt;4f(UG4<#6*WSk{x`(WudVhcq=BYGH
zGsks!$Tf-w!-~|fhNf70zyCKD0QUXIdY$h6$E)k__+BR;%?ba3m`&oPO=2lp`Lyvb
z2ff1Vw}-O>)Djv^^JQ{O^HrbJ>+xIk>SXv+YyRZ7d@U4wE5A@4@_<&*Y&?--9NnRx
zRvB+tt?W}+?DPIk0Ojrso1`jQ5ne)^zB7?&R7d}OMICcU$zN@Cmtk1`he{$n1;LX?
zkf7*}$T7>l)JEc*iV6%gAM937zHwOWz(BIiO5FN=eugl_XZJs>Ysf8#RAjpNL^05v
z;^pF1{XE}W0#)H-t-}1bITs}K>|8n}PDNAYH&|)1fGXFXyXSkYrz|RH_xu9B_Tb=$
z8&kyzzCv#UW9zcGOjRXht0q2UV{(QcEQ5-(ybjJ*9%8Yky6=a-Ut9+{CB0cZfAez1
zd^u{D^f6?j*grlaPc2m6jm`s$(AaBV&wAnE9{BSfPTY60JpuCJ6U%PSm`%M7@)u6f
zlNSLG;t{sE>A-uQq7ZECf3jEa;^Q2#FLnVP#v3Yw?+U|KaMf@sF^J!qVbb
zaO!GayzsGNF?s9sx1ArDD8+wFjwP*7!eE0{p(8F07UIdgU#LSaGpAiHy&NEV#6iKP
zG@mYBWxKALbTy`C;aN=$u&W~CjieP+l5rAzhH>Cq^d!(5*+lDocVZ%?Oe}VZG@sgX
ztB+_jh2w^WIw!nr$nyFm>R0{1c_>3jbZemvEGw+_|}Y-PI{Z;UistQOOd{I$&l(f5Vf+N%%$
z->Iw~Uj3@qE=n)OKQM~F0)ZcgeQP426J)$p3MXDL?BWnW(7L-Hr*1D+1Yc=Q70^P%?^@bdW2ik|vdF)-*Z!;Ms?J&L(?eHPj
z5@k{Pl2`8(OC)k=vdSRqeX|nGt>S!ai|A3QydFL(MJLVgdNFz#mDNh~WF?a1=Pty<
z51D3Q(R22`lS4-!m5zU3yT*ElRNtvtfsaSp+}b?pakM=uz_3IcZqD9a!ATH
z_}<{<(!%5G3%=PC4oSxvy0?)RCA#fzmD6l}T~E=IeK*sbHEN#|)i#Xf3Km)Ep#bw{TIY
z;v@9dTbx$dB+6%NYUsoAg7=|2(#WhJrQYPLd4CGE8QJ-qPrJ*fyC~xP%DXbNVM*0N
zc6YPo!aZJ`oELXw7oVV=W}x9Ht);%+8i1s(aa6zpj(?l1L6}hOaij5*$Q`u~OPXQR
zrG|YJiRcZTrd#@%>#NA?7V81NL~3l@ds0~c{jp(%gG(fE`1yEyYD^_VkV`j2A5-|C
zl$Zy#&u}2b!4tR{-{hYLW_F0rJeiY&t8mS!w^`1S=5Q88spx1GUVYCl4nz@VjjihD
zCUNTKsV1$|=_`2v1AkBfQNCLE|
zriTW%zIAeLBx?pwhTl+;@_5XZyz8gYyHnBs3YfJc`F@h2iU?$k(w-we_2~$>w!VdD
zF(pytf`Li|rV8e`yxc8n^<)CCe60v2
zY3JT)4^)(xtK+ZJFhV!ZUO4JR$+?U?x4E2s!Ea9|NyurQJr-6OLgRn;q|S6Lh%9Dk
zLZa2DxiGevOY8EIC@T8xbwi~?SKfu@(#83Mi;bNlqc2bhl;gW&^?Wvep4#0A8Moxc
z$w{9Txha);?;Y=AU&kZ|DvdNck+S8(!&$dtE#qoGO}mPiI-MT#{_p!EDx_tP8@0Vk
zkzK6B!e?f4c^?qRIWKzTshs9{n-({OL651_DFB6aKt%q&_END_y1nS>6D>2_>krH3
zkY}#z0}3s9da2MdDoyTTtJC=_)Z`bZWA(&qhO75IhQN+PH}
zVq8zv%~*+hQYn66YwHIMo}ysh#-RbilIiyP`a~sS;TdtqhB@rCC(q~9fw1jbJPWD3
znPclPzn$bq)@iEK{QNAY@T$#s)uvwx8;|2oU5I}?59r8CeXdCG+;`&oXR3r?;?J8g
zLAeapKPtzOaK|!=#l`&P%4H&YahJ*P!Fnte828>3uU}uhF5bKPMX{0dcT~~QcG@DA
zTGRkNa$lHIKR%-9{L3RG&u^JudNJ!IeeJlcqdfg#&5
z>hl+zR5T_-OezTjThLy$nJ4rtnL8{>+Wt%z;T
z4s_bc(!S$dxOA<*0HgIfdWxy7bkp2fd^_=jNvb;*3&*ybuQoGbAK~6=@&@4u1l~u<
zh07N?@b&Ogg$NXXmpz-h6*d+TXM{NW=|xFD}&J4dKhrB{Dx?N`oTccgBq
zBEtSsz`jDNh~!P~R(7#Ai`D^`GQ{D@IS~`^9d~sIf>hFortatjMrTGf6H5J4tw2B<
zW)Cdl;D?m&z4;hkcWxI#Jy>+MsqgyO5Y`6L)3fx40*n&Xzvd}brg+F0fR8v8q^XHZ
z%-th^lSSQLhI;Q{d)OrUpY%nGYrT#E@7JNT{uu_2(Dl;M;=GK*e
zEle{fQfhU%+xDS(g=MM8T_r%Nlgo(T1v7T-B5xHuFPtM%vg(nrW!9nAXn!=XGNQ>GJV`m`a-nz4Y8e3-8vupB6vA$S#H
ze%j1eJgyDD&9HuOK!g}`*tjswU#{I~^Fqy@6BAN>O!h2fSYE-r^(RpK4$#oX=!N9P
z9?@y@sg5mFE`F&iSh)73HeuadU1>dV>%8M$Yu#R3qx6ptasc656vb5|?dvtd4900f
z*O$=zz`%L*l{~FuZV7Y3M&sAxg(k3Q1GHdNQ+6Gp87cY84}C4~9!T{>?Lo#pmdyTn
zBHOR!{iY1ORCqPqmHiu5avv8z_O{D0Wi)#RVi5seO0=;TWHrrJyFPp7)BOt87DGR*
z?l8k?>(8L+L5=rhb2_zXAYJgWm}5~nWFxX
zAJA3hUA2a?t;D%HN&8R!?HoRz%WB!w(i9ut
+