Framework/Helpers/WebRequestHelper.ps1

Set-StrictMode -Version Latest 
class WebRequestHelper {
   
    hidden static [string] $AzureManagementUri = "https://management.azure.com/";
    hidden static [string] $GraphApiUri = "https://graph.microsoft.com";
    hidden static [string] $ClassicManagementUri = "https://management.core.windows.net/";

    static [System.Object[]] InvokeGetWebRequest([string] $uri, [Hashtable] $headers) 
    {
        return [WebRequestHelper]::InvokeWebRequest([Microsoft.PowerShell.Commands.WebRequestMethod]::Get, $uri, $headers, $null);
    }

    static [System.Object[]] InvokeGetWebRequest([string] $uri) 
    {    
        return [WebRequestHelper]::InvokeGetWebRequest($uri, [WebRequestHelper]::GetAuthHeaderFromUri($uri));
    }
    
    hidden static [string] GetApplicationInsightsEndPoint()
    {
        $rmContext = [ContextHelper]::GetCurrentContext();
        $azureEnv= $rmContext.Environment.Name 
        if($azureEnv -eq "AzureUSGovernment")
        {
            return "https://dc.applicationinsights.us/v2/track"
        }
        elseif ($azureEnv -eq "AzureChinaCloud" ) {
            return "https://dc.applicationinsights.azure.cn/v2/track"
        }
        else {
            return "https://dc.services.visualstudio.com/v2/track"
        }
    }

    hidden static [string] GetLADataCollectorAPI()
    {
        $rmContext = [ContextHelper]::GetCurrentContext();
        $azureEnv= $rmContext.Environment.Name 
        if($azureEnv -eq "AzureUSGovernment")
        {
            return ".ods.opinsights.azure.us"
        }
        elseif ($azureEnv -eq "AzureChinaCloud" ) {
            return ".ods.opinsights.azure.cn"
        }
        else {
            return ".ods.opinsights.azure.com"
        }
    }

    hidden static [string] GetGraphUrl()
    {
        $rmContext = [ContextHelper]::GetCurrentContext();
        $azureEnv= $rmContext.Environment.Name 
        if(-not [string]::IsNullOrWhiteSpace($azureEnv) -and ($azureEnv -ne [Constants]::DefaultAzureEnvironment))
        {
        return [ContextHelper]::GetCurrentContext().Environment.GraphUrl
        }
        return "https://graph.microsoft.com"
    }

    hidden static [string] GetResourceManagerUrl()
    {
        $rmContext = [ContextHelper]::GetCurrentContext();
        $azureEnv= $rmContext.Environment.Name 
        if(-not [string]::IsNullOrWhiteSpace($azureEnv) -and ($azureEnv -ne [Constants]::DefaultAzureEnvironment))
        {
        return [ContextHelper]::GetCurrentContext().Environment.ResourceManagerUrl
        }
        return "https://management.azure.com/"
    }

    hidden static [string] GetServiceManagementUrl()
    {
        $rmContext = [ContextHelper]::GetCurrentContext();
        $azureEnv= $rmContext.Environment.Name 
        if(-not [string]::IsNullOrWhiteSpace($azureEnv) -and ($azureEnv -ne [Constants]::DefaultAzureEnvironment))
        {
        return [ContextHelper]::GetCurrentContext().Environment.ServiceManagementUrl
        }
        return "https://management.core.windows.net/"
    }

    hidden static [Hashtable] GetAuthHeaderFromUri([string] $uri)
    {
        [System.Uri] $validatedUri = $null;
        if([System.Uri]::TryCreate($uri, [System.UriKind]::Absolute, [ref] $validatedUri))
        {

            $token = [ContextHelper]::GetAccessToken($validatedUri.GetLeftPart([System.UriPartial]::Authority));

            # Validate if token is PAT using lenght (PAT has lengh of 52) else go with default bearer token
            if($token.length -eq 52)
            {
                $user = ""
                $base64AuthInfo = [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes(("{0}:{1}" -f $user,$token)))
                return @{
                    "Authorization"= ("Basic " + $base64AuthInfo); 
                    "Content-Type"="application/json"
                };
            }
            else {
                return @{
                    "Authorization"= ("Bearer " + $token); 
                    "Content-Type"="application/json"
                };
            }
            
        }
        
        return @{ "Content-Type"="application/json" };
    }

    hidden static [Hashtable] GetAuthHeaderFromUri([string] $uri, [bool] $isPatTokenGiven)
    {
        [System.Uri] $validatedUri = $null;
        if([System.Uri]::TryCreate($uri, [System.UriKind]::Absolute, [ref] $validatedUri))
        {

            $token = [ContextHelper]::GetAccessToken();

            # Validate if token is PAT using lenght (PAT has lengh of 52) else go with default bearer token
            if($token.length -eq 52)
            {
                $user = ""
                $base64AuthInfo = [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes(("{0}:{1}" -f $user,$token)))
                return @{
                    "Authorization"= ("Basic " + $base64AuthInfo); 
                    "Content-Type"="application/json"
                };
            }
            else {
                return @{
                    "Authorization"= ("Bearer " + $token); 
                    "Content-Type"="application/json"
                };
            }
            
        }
        
        return @{ "Content-Type"="application/json" };
    }

    hidden static [Hashtable] GetAuthHeaderFromUriPatch([string] $uri) {
        [System.Uri] $validatedUri = $null;
        if ([System.Uri]::TryCreate($uri, [System.UriKind]::Absolute, [ref] $validatedUri)) {

            $token = [ContextHelper]::GetAccessToken($validatedUri.GetLeftPart([System.UriPartial]::Authority));

            $user = ""
            $base64AuthInfo = [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes(("{0}:{1}" -f $user, $token)))
            return @{
                "Authorization" = ("Basic " + $base64AuthInfo)
                
            };
        }
        return @{};
    }

    static [System.Object[]] InvokePostWebRequest([string] $uri, [Hashtable] $headers, [System.Object] $body) 
    {
        return [WebRequestHelper]::InvokeWebRequest([Microsoft.PowerShell.Commands.WebRequestMethod]::Post, $uri, $headers, $body);
    }

    static [System.Object[]] InvokePostWebRequest([string] $uri, [System.Object] $body) 
    {
        return [WebRequestHelper]::InvokePostWebRequest($uri, [WebRequestHelper]::GetAuthHeaderFromUri($uri), $body);
    }

    static [System.Object[]] InvokeWebRequest([Microsoft.PowerShell.Commands.WebRequestMethod] $method, [string] $uri, [System.Object] $body) 
    {
        return [WebRequestHelper]::InvokeWebRequest($method, $uri, [WebRequestHelper]::GetAuthHeaderFromUri($uri), $body);
    }
    static [System.Object[]] InvokeWebRequest([Microsoft.PowerShell.Commands.WebRequestMethod] $method, [string] $uri, [Hashtable] $headers, [System.Object] $body) 
    {
        return [WebRequestHelper]::InvokeWebRequest($method, $uri, $headers, $body, $Null);
    }
    static [System.Object[]] InvokeWebRequest([Microsoft.PowerShell.Commands.WebRequestMethod] $method, [string] $uri, [Hashtable] $headers, [System.Object] $body, [string] $contentType) 
    {
        return [WebRequestHelper]::InvokeWebRequest($method, $uri, $headers, $body, $contentType, $false, $false) 
    }
    
    static [System.Object[]] InvokeWebRequest([Microsoft.PowerShell.Commands.WebRequestMethod] $method, [string] $uri, [Hashtable] $headers, [System.Object] $body, [string] $contentType, [Hashtable] $propertiesToReplace) 
    {
        $outputValues = @();
        [System.Uri] $validatedUri = $null;
        $orginalUri = "";
        while ([System.Uri]::TryCreate($uri, [System.UriKind]::Absolute, [ref] $validatedUri)) 
        {
            if([string]::IsNullOrWhiteSpace($orginalUri))
            {
                $orginalUri = $validatedUri.AbsoluteUri;
            }
            [int] $retryCount = 3
            $success = $false;
            while($retryCount -gt 0 -and -not $success)
            {
                $retryCount = $retryCount -1;
                try
                {
                    $requestResult = $null;
            
                    if ($method -eq [Microsoft.PowerShell.Commands.WebRequestMethod]::Get) 
                    {
                        $requestResult = Invoke-WebRequest -Method $method -Uri $validatedUri -Headers $headers -UseBasicParsing
                    }
                    elseif ($method -eq [Microsoft.PowerShell.Commands.WebRequestMethod]::Post -or $method -eq [Microsoft.PowerShell.Commands.WebRequestMethod]::Put) 
                    {
                        if($uri.EndsWith("`$batch"))
                        {
                            $requestResult = Invoke-WebRequest -Method $method -Uri $validatedUri -Headers $headers -Body $body -ContentType $contentType -UseBasicParsing
                            $success = $true
                            $uri = [string]::Empty
                        }
                        else
                        {
                            $requestResult = Invoke-WebRequest -Method $method -Uri $validatedUri -Headers $headers -Body ($body | ConvertTo-Json -Depth 10 -Compress) -UseBasicParsing
                        }
                    }    
                    else 
                    {
                        throw [System.ArgumentException] ("The web request method type '$method' is not supported.")
                    }        
            
                    if ($null -ne $requestResult -and $requestResult.StatusCode -ge 200 -and $requestResult.StatusCode -le 399) {
                        if (!$success -and $null -ne $requestResult.Content) {
                            $resultContent = $requestResult.Content
                            if($propertiesToReplace.Keys.Count -gt 0)
                            {
                                $propertiesToReplace.Keys  | Foreach-Object {
                                    $resultContent = $resultContent.ToString().Replace($_, $propertiesToReplace[$_])
                                }
                            }
                            $json = ConvertFrom-Json $resultContent
                            if ($null -ne $json) {
                                if (($json | Get-Member -Name "value") -and $json.value) {
                                    $outputValues += $json.value;
                                }
                                else {
                                    $outputValues += $json;
                                }
                        
                                if (($json | Get-Member -Name "nextLink") -and $json.nextLink) {
                                    $uri = $json.nextLink
                                }
                                elseif (($json | Get-Member -Name "@odata.nextLink") -and $json."@odata.nextLink")
                                {
                                    $uri = $json."@odata.nextLink"
                                }
                                elseif($requestResult.Headers.ContainsKey('x-ms-continuation-NextPartitionKey'))
                                {
                                    $nPKey = $requestResult.Headers["x-ms-continuation-NextPartitionKey"]
                                    $uri= $orginalUri + "&NextPartitionKey=$nPKey"
                                }
                                else {
                                    $uri = [string]::Empty;
                                }
                            }
                        }
                    }
                    $success = $true;
                }
                catch
                {
                    #eat the exception until it is in retry mode and throw once the retry is done
                    if($retryCount -eq 0)
                    {
                        if([Helpers]::CheckMember($_,"Exception.Response.StatusCode") -and  $_.Exception.Response.StatusCode -eq "Forbidden"){
                            throw ([SuppressedException]::new(("You do not have permission to view the requested resource."), [SuppressedExceptionType]::InvalidOperation))
                        }
                        elseif ([Helpers]::CheckMember($_,"Exception.Message")){
                            throw ([SuppressedException]::new(($_.Exception.Message.ToString()), [SuppressedExceptionType]::InvalidOperation))
                        }
                        else {
                            throw;
                        }
                    }                    
                }
            }
        }

        return $outputValues;
    }

    #method to get the raw response in a GET method
    static [System.Object[]] InvokeGetWebRequestRaw($url){
        return [WebRequestHelper]::InvokeWebRequest([Microsoft.PowerShell.Commands.WebRequestMethod]::Get, $url, [WebRequestHelper]::GetAuthHeaderFromUri($url), $null, $null, $false, $true); 
    }

    static [System.Object[]] InvokeWebRequest([Microsoft.PowerShell.Commands.WebRequestMethod] $method, [string] $uri, [Hashtable] $headers, [System.Object] $body, [string] $contentType, [bool] $isRetryRequired, [bool] $returnRawResponse) 
    {
        $outputValues = @();
        [System.Uri] $validatedUri = $null;
        $orginalUri = "";
        $skipCount = 0
        while ([System.Uri]::TryCreate($uri, [System.UriKind]::Absolute, [ref] $validatedUri)) 
        {
            [int] $retryCount = 1
            if($isRetryRequired)
            {
                $retryCount = 3
            }
            if([string]::IsNullOrWhiteSpace($orginalUri))
            {
                $orginalUri = $validatedUri.AbsoluteUri;
            }
            
            $success = $false;
            while($retryCount -gt 0 -and -not $success)
            {
                $retryCount = $retryCount -1;
                try
                {
                    $requestResult = $null;

                    #before making API call, check if previous API call was throttled and if we have any retry after value. Wait before making any new API call if required
                    [RateLimitHelper]::WaitIfNeeded($validatedUri);
            
                    if ($method -eq [Microsoft.PowerShell.Commands.WebRequestMethod]::Get) 
                    {
                        $requestResult = Invoke-WebRequest -Method $method -Uri $validatedUri -Headers $headers -UseBasicParsing
                    }
                    elseif ($method -eq [Microsoft.PowerShell.Commands.WebRequestMethod]::Post -or $method -eq [Microsoft.PowerShell.Commands.WebRequestMethod]::Put -or [Microsoft.PowerShell.Commands.WebRequestMethod]::Patch) 
                    {
                        if($uri.EndsWith("`$batch"))
                        {
                            $requestResult = Invoke-WebRequest -Method $method -Uri $validatedUri -Headers $headers -Body $body -ContentType $contentType -UseBasicParsing
                            $success = $true
                            $uri = [string]::Empty
                        }
                        elseif($uri.Contains("mspim") -or $uri.Contains("genevareference") -or $uri.Contains("loganalytics.io") -or $uri.Contains("1es.kusto.windows"))
                        {
                            $requestResult = Invoke-WebRequest -Method $method -Uri $validatedUri -Headers $headers -Body $body -ContentType $contentType -UseBasicParsing
                        }
                        else
                        {
                            $requestResult = Invoke-WebRequest -Method $method -Uri $validatedUri -Headers $headers -Body ($body | ConvertTo-Json -Depth 10 -Compress) -UseBasicParsing
                        }
                    }    
                    else 
                    {
                        throw [System.ArgumentException] ("The web request method type '$method' is not supported.")
                    }
                    
                    if($returnRawResponse)
                    {
                        return $requestResult
                    }
            
                    if ($null -ne $requestResult -and $requestResult.StatusCode -ge 200 -and $requestResult.StatusCode -le 399) {
                        if (!$success -and $null -ne $requestResult.Content) {
                            #check if this API call was throttled, store any appropriate headers for rate limiting for next API calls
                            [RateLimitHelper]::UpdateRateLimitEntity($requestResult, $validatedUri);
                            $json = ConvertFrom-Json $requestResult.Content
                            if ($null -ne $json) {
                                if (($json | Get-Member -Name "value") -and $json.value) {
                                    $outputValues += $json.value;
                                }
                                else {
                                    $outputValues += $json;
                                }
                        
                                if (($json | Get-Member -Name "nextLink") -and $json.nextLink) {
                                    $uri = $json.nextLink
                                }
                                elseif($requestResult.Headers.ContainsKey('x-ms-continuation-NextPartitionKey'))
                                {
                                    $nPKey = $requestResult.Headers["x-ms-continuation-NextPartitionKey"]
                                    $uri= $orginalUri + "&NextPartitionKey=$nPKey"                                    
                                    if($requestResult.Headers.ContainsKey('x-ms-continuation-NextRowKey'))
                                    {                                        
                                        $nxtPKey = $requestResult.Headers["x-ms-continuation-NextRowKey"]
                                        $uri+="&NextRowKey=$nxtPKey"                                    
                                    }                                    
                                }
                                elseif($requestResult.Headers.ContainsKey('x-ms-continuationtoken'))
                                {
                                    $nPKey = $requestResult.Headers["x-ms-continuationtoken"]
                                    #Azure devops API calls for different resource behave independently w.r.t continuationToken, we need to handle them separately
                                    # Pagination for build definitions always contains queryOrder
                                    if ($uri.Contains("build/definitions") -and $uri.Contains('queryOrder')) {
                                        # Handle the pagination for builds
                                        $skipCount = $skipCount+10000
                                        $uri= $orginalUri +"&%24skip="+$skipCount+ "&continuationToken="+$nPKey
                                    } 
                                    # Pagination for release definitions don't need queryOrder for pagination
                                    # $uri with $top returns continuation token, it should not continue further
                                    elseif ($uri.Contains("release/definitions") -and -not $uri.Contains('$top')){
                                        $uri= $orginalUri + "&continuationToken="+$nPKey
                                    }
                                    elseif ($uri.Contains("projects")){
                                        $uri= $orginalUri + "&continuationToken="+$nPKey
                                    }
                                    elseif($uri.Contains("auditservice")){
                                        $uri = $orginalUri+"&continuationToken="+$json.continuationToken
                                    }
                                    elseif($uri.Contains("testplan/plans") -or $uri.Contains("distributedtask/environments")){
                                        $uri = $orginalUri+"&continuationToken="+$nPKey
                                    }
                                    else {
                                        $uri = [string]::Empty;
                                    }
                                }
                                else {
                                    $uri = [string]::Empty;
                                }
                            }
                        }
                    }
                    $success = $true;
                }
                catch
                {
                    #eat the exception until it is in retry mode and throw once the retry is done
                    if($retryCount -eq 0)
                    {
                        if ($uri.Contains("mspim") -and [Helpers]::CheckMember($_,"ErrorDetails.Message"))
                        {
                            if( -not $returnRawResponse)
                            {
                                
                                    $err = $_.ErrorDetails.Message| ConvertFrom-Json
                                    throw ([SuppressedException]::new(($err), [SuppressedExceptionType]::Generic))
                                    
                                
                            }
                            else 
                            {                
                                throw $_;        
                            }
                            
                        }
                        elseif([Helpers]::CheckMember($_,"Exception.Response.StatusCode") -and  $_.Exception.Response.StatusCode -eq "Forbidden"){
                            if($uri.Contains("auditservice") -and $PSCmdlet.MyInvocation.BoundParameters.ContainsKey('IncrementalScan')){
                                Write-Host "You do not have the permissions to view audit logs. Results from incremental scan may not be accurate." -ForegroundColor Yellow
                            }
                            throw ([SuppressedException]::new(("You do not have permission to view the requested resource."), [SuppressedExceptionType]::InvalidOperation))
                        }
                        elseif ([Helpers]::CheckMember($_,"Exception.Message")){
                            throw ([SuppressedException]::new(($_.Exception.Message.ToString()), [SuppressedExceptionType]::InvalidOperation))
                        }
                        
                        else {
                            throw;
                        }
                    }                    
                }
            }
        }

        return $outputValues;
    }    
    
    #only for builds and releases as of now
    static [System.Object[]] InvokeWebRequestForResourcesInBatch([string] $validatedUri,[string]$originalUri,[int] $skipCount,[string] $resourceType){
        $outputValues = @();
        $success = $false;
        [int] $retryCount=3;
        while($retryCount -gt 0 -and -not $success){
            $retryCount=$retryCount-1;
        
        try{
            
            $headers=[WebRequestHelper]::GetAuthHeaderFromUri($validatedUri)
            $requestResult = Invoke-WebRequest -Method Get -Uri $validatedUri -Headers $headers -UseBasicParsing
            
            if ($null -ne $requestResult -and $requestResult.StatusCode -ge 200 -and $requestResult.StatusCode -le 399) {
                if ($null -ne $requestResult.Content) {
                    $json = ConvertFrom-Json $requestResult.Content
                    if ($null -ne $json) {
                        if (($json | Get-Member -Name "value") -and $json.value) {
                            $outputValues += $json.value;
                        }
                        else {
                            $outputValues += $json;
                        }
                        if($requestResult.Headers.ContainsKey('x-ms-continuationtoken')){
                            $nPKey = $requestResult.Headers["x-ms-continuationtoken"]
                            if($resourceType -eq "build"){
                                $originalUri= $originalUri +"&%24skip="+$skipCount+ "&continuationToken="+$nPKey
                            }
                            else {
                                $originalUri= $originalUri +"&continuationToken="+$nPKey
                            
                            }                                                
                            
                        }
                        else {
                            $originalUri = [string]::Empty;
                        }
                    }
                }
            }
            $success=$true;
        }
        catch{
            if ($originalUri.Contains("mspim") -and [Helpers]::CheckMember($_, "ErrorDetails.Message")) {        
                $err = $_.ErrorDetails.Message | ConvertFrom-Json
                throw ([SuppressedException]::new(($err), [SuppressedExceptionType]::Generic))                
            }
            elseif ([Helpers]::CheckMember($_, "Exception.Response.StatusCode") -and $_.Exception.Response.StatusCode -eq "Forbidden") {
                throw ([SuppressedException]::new(("You do not have permission to view the requested resource."), [SuppressedExceptionType]::InvalidOperation))
            }
            elseif ([Helpers]::CheckMember($_, "Exception.Message")) {
                throw ([SuppressedException]::new(($_.Exception.Message.ToString()), [SuppressedExceptionType]::InvalidOperation))
            }                
            else {
                throw;
            }
        }    
        }                
            return $outputValues,$originalUri;
    }
    static [System.Object[]] InvokeWebRequestForContinuationToken([string] $validatedUri,[string] $originalUri,$skipCount,$resourceType){
        
        $success = $false;
        [int] $retryCount=3;
        $continuationToken=$null;
        $outputValues=@();
        while($retryCount -gt 0 -and -not $success){
            $retryCount=$retryCount-1;
        
        try{
            
            $headers=[WebRequestHelper]::GetAuthHeaderFromUri($validatedUri,$true)
            $requestResult = Invoke-WebRequest -Method Get -Uri $validatedUri -Headers $headers -UseBasicParsing
            
            if ($null -ne $requestResult -and $requestResult.StatusCode -ge 200 -and $requestResult.StatusCode -le 399) {
                if ($null -ne $requestResult.Content) {
                    $json = ConvertFrom-Json $requestResult.Content
                    if ($null -ne $json) {
                        if( $null -eq $skipCount){
                        if (($json | Get-Member -Name "value") -and $json.value) {
                            $outputValues += $json.value;
                        }
                        else {
                            $outputValues += $json;
                        }
                    }
                    if($requestResult.Headers.ContainsKey('x-ms-continuationtoken')){
                        $nPKey = $requestResult.Headers["x-ms-continuationtoken"]
                        $continuationToken=$nPKey;
                        if($resourceType -eq "build" -and $null -ne $skipCount ){
                            $originalUri= $originalUri +"&%24skip="+$skipCount+ "&continuationToken="+$nPKey
                        }
                        elseif($resourceType -eq "release") {
                            $originalUri= $originalUri +"&continuationToken="+$nPKey
                        
                        }
                        
                                
                    }
                    else {
                        $originalUri = [string]::Empty;
                        $continuationToken="";
                    }
                }
                }
            }
        $success=$true;
        }
        catch{
            if ($originalUri.Contains("mspim") -and [Helpers]::CheckMember($_, "ErrorDetails.Message")) {        
                $err = $_.ErrorDetails.Message | ConvertFrom-Json
                throw ([SuppressedException]::new(($err), [SuppressedExceptionType]::Generic))                
            }
            elseif ([Helpers]::CheckMember($_, "Exception.Response.StatusCode") -and $_.Exception.Response.StatusCode -eq "Forbidden") {
                throw ([SuppressedException]::new(("You do not have permission to view the requested resource."), [SuppressedExceptionType]::InvalidOperation))
            }
            elseif ([Helpers]::CheckMember($_, "Exception.Message")) {
                throw ([SuppressedException]::new(($_.Exception.Message.ToString()), [SuppressedExceptionType]::InvalidOperation))
            }                
            else {
                throw;
            }
        }    
        }                
            return $continuationToken,$originalUri,$outputValues;
    }

}

# SIG # Begin signature block
# MIInuAYJKoZIhvcNAQcCoIInqTCCJ6UCAQExDzANBglghkgBZQMEAgEFADB5Bgor
# BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG
# KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCDeIklDmHLUwGZE
# f2l8lofsdYbWA7KE+eRGpr8eYKsI5KCCDYEwggX/MIID56ADAgECAhMzAAACUosz
# qviV8znbAAAAAAJSMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNVBAYTAlVTMRMwEQYD
# VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy
# b3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jvc29mdCBDb2RlIFNpZ25p
# bmcgUENBIDIwMTEwHhcNMjEwOTAyMTgzMjU5WhcNMjIwOTAxMTgzMjU5WjB0MQsw
# CQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9u
# ZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMR4wHAYDVQQDExVNaWNy
# b3NvZnQgQ29ycG9yYXRpb24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
# AQDQ5M+Ps/X7BNuv5B/0I6uoDwj0NJOo1KrVQqO7ggRXccklyTrWL4xMShjIou2I
# sbYnF67wXzVAq5Om4oe+LfzSDOzjcb6ms00gBo0OQaqwQ1BijyJ7NvDf80I1fW9O
# L76Kt0Wpc2zrGhzcHdb7upPrvxvSNNUvxK3sgw7YTt31410vpEp8yfBEl/hd8ZzA
# v47DCgJ5j1zm295s1RVZHNp6MoiQFVOECm4AwK2l28i+YER1JO4IplTH44uvzX9o
# RnJHaMvWzZEpozPy4jNO2DDqbcNs4zh7AWMhE1PWFVA+CHI/En5nASvCvLmuR/t8
# q4bc8XR8QIZJQSp+2U6m2ldNAgMBAAGjggF+MIIBejAfBgNVHSUEGDAWBgorBgEE
# AYI3TAgBBggrBgEFBQcDAzAdBgNVHQ4EFgQUNZJaEUGL2Guwt7ZOAu4efEYXedEw
# UAYDVR0RBEkwR6RFMEMxKTAnBgNVBAsTIE1pY3Jvc29mdCBPcGVyYXRpb25zIFB1
# ZXJ0byBSaWNvMRYwFAYDVQQFEw0yMzAwMTIrNDY3NTk3MB8GA1UdIwQYMBaAFEhu
# ZOVQBdOCqhc3NyK1bajKdQKVMFQGA1UdHwRNMEswSaBHoEWGQ2h0dHA6Ly93d3cu
# bWljcm9zb2Z0LmNvbS9wa2lvcHMvY3JsL01pY0NvZFNpZ1BDQTIwMTFfMjAxMS0w
# Ny0wOC5jcmwwYQYIKwYBBQUHAQEEVTBTMFEGCCsGAQUFBzAChkVodHRwOi8vd3d3
# Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NlcnRzL01pY0NvZFNpZ1BDQTIwMTFfMjAx
# MS0wNy0wOC5jcnQwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQsFAAOCAgEAFkk3
# uSxkTEBh1NtAl7BivIEsAWdgX1qZ+EdZMYbQKasY6IhSLXRMxF1B3OKdR9K/kccp
# kvNcGl8D7YyYS4mhCUMBR+VLrg3f8PUj38A9V5aiY2/Jok7WZFOAmjPRNNGnyeg7
# l0lTiThFqE+2aOs6+heegqAdelGgNJKRHLWRuhGKuLIw5lkgx9Ky+QvZrn/Ddi8u
# TIgWKp+MGG8xY6PBvvjgt9jQShlnPrZ3UY8Bvwy6rynhXBaV0V0TTL0gEx7eh/K1
# o8Miaru6s/7FyqOLeUS4vTHh9TgBL5DtxCYurXbSBVtL1Fj44+Od/6cmC9mmvrti
# yG709Y3Rd3YdJj2f3GJq7Y7KdWq0QYhatKhBeg4fxjhg0yut2g6aM1mxjNPrE48z
# 6HWCNGu9gMK5ZudldRw4a45Z06Aoktof0CqOyTErvq0YjoE4Xpa0+87T/PVUXNqf
# 7Y+qSU7+9LtLQuMYR4w3cSPjuNusvLf9gBnch5RqM7kaDtYWDgLyB42EfsxeMqwK
# WwA+TVi0HrWRqfSx2olbE56hJcEkMjOSKz3sRuupFCX3UroyYf52L+2iVTrda8XW
# esPG62Mnn3T8AuLfzeJFuAbfOSERx7IFZO92UPoXE1uEjL5skl1yTZB3MubgOA4F
# 8KoRNhviFAEST+nG8c8uIsbZeb08SeYQMqjVEmkwggd6MIIFYqADAgECAgphDpDS
# AAAAAAADMA0GCSqGSIb3DQEBCwUAMIGIMQswCQYDVQQGEwJVUzETMBEGA1UECBMK
# V2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0
# IENvcnBvcmF0aW9uMTIwMAYDVQQDEylNaWNyb3NvZnQgUm9vdCBDZXJ0aWZpY2F0
# ZSBBdXRob3JpdHkgMjAxMTAeFw0xMTA3MDgyMDU5MDlaFw0yNjA3MDgyMTA5MDla
# MH4xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdS
# ZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMT
# H01pY3Jvc29mdCBDb2RlIFNpZ25pbmcgUENBIDIwMTEwggIiMA0GCSqGSIb3DQEB
# AQUAA4ICDwAwggIKAoICAQCr8PpyEBwurdhuqoIQTTS68rZYIZ9CGypr6VpQqrgG
# OBoESbp/wwwe3TdrxhLYC/A4wpkGsMg51QEUMULTiQ15ZId+lGAkbK+eSZzpaF7S
# 35tTsgosw6/ZqSuuegmv15ZZymAaBelmdugyUiYSL+erCFDPs0S3XdjELgN1q2jz
# y23zOlyhFvRGuuA4ZKxuZDV4pqBjDy3TQJP4494HDdVceaVJKecNvqATd76UPe/7
# 4ytaEB9NViiienLgEjq3SV7Y7e1DkYPZe7J7hhvZPrGMXeiJT4Qa8qEvWeSQOy2u
# M1jFtz7+MtOzAz2xsq+SOH7SnYAs9U5WkSE1JcM5bmR/U7qcD60ZI4TL9LoDho33
# X/DQUr+MlIe8wCF0JV8YKLbMJyg4JZg5SjbPfLGSrhwjp6lm7GEfauEoSZ1fiOIl
# XdMhSz5SxLVXPyQD8NF6Wy/VI+NwXQ9RRnez+ADhvKwCgl/bwBWzvRvUVUvnOaEP
# 6SNJvBi4RHxF5MHDcnrgcuck379GmcXvwhxX24ON7E1JMKerjt/sW5+v/N2wZuLB
# l4F77dbtS+dJKacTKKanfWeA5opieF+yL4TXV5xcv3coKPHtbcMojyyPQDdPweGF
# RInECUzF1KVDL3SV9274eCBYLBNdYJWaPk8zhNqwiBfenk70lrC8RqBsmNLg1oiM
# CwIDAQABo4IB7TCCAekwEAYJKwYBBAGCNxUBBAMCAQAwHQYDVR0OBBYEFEhuZOVQ
# BdOCqhc3NyK1bajKdQKVMBkGCSsGAQQBgjcUAgQMHgoAUwB1AGIAQwBBMAsGA1Ud
# DwQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFHItOgIxkEO5FAVO
# 4eqnxzHRI4k0MFoGA1UdHwRTMFEwT6BNoEuGSWh0dHA6Ly9jcmwubWljcm9zb2Z0
# LmNvbS9wa2kvY3JsL3Byb2R1Y3RzL01pY1Jvb0NlckF1dDIwMTFfMjAxMV8wM18y
# Mi5jcmwwXgYIKwYBBQUHAQEEUjBQME4GCCsGAQUFBzAChkJodHRwOi8vd3d3Lm1p
# Y3Jvc29mdC5jb20vcGtpL2NlcnRzL01pY1Jvb0NlckF1dDIwMTFfMjAxMV8wM18y
# Mi5jcnQwgZ8GA1UdIASBlzCBlDCBkQYJKwYBBAGCNy4DMIGDMD8GCCsGAQUFBwIB
# FjNodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2RvY3MvcHJpbWFyeWNw
# cy5odG0wQAYIKwYBBQUHAgIwNB4yIB0ATABlAGcAYQBsAF8AcABvAGwAaQBjAHkA
# XwBzAHQAYQB0AGUAbQBlAG4AdAAuIB0wDQYJKoZIhvcNAQELBQADggIBAGfyhqWY
# 4FR5Gi7T2HRnIpsLlhHhY5KZQpZ90nkMkMFlXy4sPvjDctFtg/6+P+gKyju/R6mj
# 82nbY78iNaWXXWWEkH2LRlBV2AySfNIaSxzzPEKLUtCw/WvjPgcuKZvmPRul1LUd
# d5Q54ulkyUQ9eHoj8xN9ppB0g430yyYCRirCihC7pKkFDJvtaPpoLpWgKj8qa1hJ
# Yx8JaW5amJbkg/TAj/NGK978O9C9Ne9uJa7lryft0N3zDq+ZKJeYTQ49C/IIidYf
# wzIY4vDFLc5bnrRJOQrGCsLGra7lstnbFYhRRVg4MnEnGn+x9Cf43iw6IGmYslmJ
# aG5vp7d0w0AFBqYBKig+gj8TTWYLwLNN9eGPfxxvFX1Fp3blQCplo8NdUmKGwx1j
# NpeG39rz+PIWoZon4c2ll9DuXWNB41sHnIc+BncG0QaxdR8UvmFhtfDcxhsEvt9B
# xw4o7t5lL+yX9qFcltgA1qFGvVnzl6UJS0gQmYAf0AApxbGbpT9Fdx41xtKiop96
# eiL6SJUfq/tHI4D1nvi/a7dLl+LrdXga7Oo3mXkYS//WsyNodeav+vyL6wuA6mk7
# r/ww7QRMjt/fdW1jkT3RnVZOT7+AVyKheBEyIXrvQQqxP/uozKRdwaGIm1dxVk5I
# RcBCyZt2WwqASGv9eZ/BvW1taslScxMNelDNMYIZjTCCGYkCAQEwgZUwfjELMAkG
# A1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQx
# HjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEoMCYGA1UEAxMfTWljcm9z
# b2Z0IENvZGUgU2lnbmluZyBQQ0EgMjAxMQITMwAAAlKLM6r4lfM52wAAAAACUjAN
# BglghkgBZQMEAgEFAKCBrjAZBgkqhkiG9w0BCQMxDAYKKwYBBAGCNwIBBDAcBgor
# BgEEAYI3AgELMQ4wDAYKKwYBBAGCNwIBFTAvBgkqhkiG9w0BCQQxIgQgM+IsTo5l
# JKudPSHb91L8oPvAtavxOD/3TYfl2sgBNFgwQgYKKwYBBAGCNwIBDDE0MDKgFIAS
# AE0AaQBjAHIAbwBzAG8AZgB0oRqAGGh0dHA6Ly93d3cubWljcm9zb2Z0LmNvbTAN
# BgkqhkiG9w0BAQEFAASCAQBNeGM9GcIAX58jVFJs6A636JVUY5rrJIURzq5qkYx8
# qSiWiNLXt6eP42kZ2LeYZRmtQhRZeo1+jHUbGjysB/GMKecQtyImmS0/akjHaGSl
# A6yfp4slF3McBXmrAADErbHR9IAsxs+vtuxPmvsGAuJRExLIEiWFKH6WjjHfCa6U
# 7gNGKxAdocGn4trTmjhYJCe9QSrnOksyAZ4/23ziuCoekMq4TJ3z5NXPefBMvCA7
# gsc47e5oS4i5KcmxMUf9BZp44IKm2iMR2AKYQr+F4mCBcNTiHA9tF70cbXRo+Tnr
# VDOr6O2RQm8IfwrzADkJlJn3an3BVD1C/x2guTNQUKmsoYIXFzCCFxMGCisGAQQB
# gjcDAwExghcDMIIW/wYJKoZIhvcNAQcCoIIW8DCCFuwCAQMxDzANBglghkgBZQME
# AgEFADCCAVgGCyqGSIb3DQEJEAEEoIIBRwSCAUMwggE/AgEBBgorBgEEAYRZCgMB
# MDEwDQYJYIZIAWUDBAIBBQAEIC+tzaWbD713l5Hw4KaovWBd+KANc3WJZVTIC6K5
# pYWwAgZiF5bsK/cYEjIwMjIwMzE1MDgzNTE0LjY3WjAEgAIB9KCB2KSB1TCB0jEL
# MAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1v
# bmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEtMCsGA1UECxMkTWlj
# cm9zb2Z0IElyZWxhbmQgT3BlcmF0aW9ucyBMaW1pdGVkMSYwJAYDVQQLEx1UaGFs
# ZXMgVFNTIEVTTjpEMDgyLTRCRkQtRUVCQTElMCMGA1UEAxMcTWljcm9zb2Z0IFRp
# bWUtU3RhbXAgU2VydmljZaCCEWcwggcUMIIE/KADAgECAhMzAAABj/NRqOtact3M
# AAEAAAGPMA0GCSqGSIb3DQEBCwUAMHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpX
# YXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQg
# Q29ycG9yYXRpb24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAy
# MDEwMB4XDTIxMTAyODE5Mjc0NloXDTIzMDEyNjE5Mjc0NlowgdIxCzAJBgNVBAYT
# AlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYD
# VQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xLTArBgNVBAsTJE1pY3Jvc29mdCBJ
# cmVsYW5kIE9wZXJhdGlvbnMgTGltaXRlZDEmMCQGA1UECxMdVGhhbGVzIFRTUyBF
# U046RDA4Mi00QkZELUVFQkExJTAjBgNVBAMTHE1pY3Jvc29mdCBUaW1lLVN0YW1w
# IFNlcnZpY2UwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCZVz7+tc8X
# HoWTj4Kkuu5sOstNrdC4AdFVe7L7OzFfCSiCRPRr5da4FpvAfKqPxFGJlBC929s6
# rk1ETE54eJoK2RSxDTYRIB70LP6WgE22x8Krzjq7ei1YcImWqS8OtKvuYwGrBxFj
# tx+EAZ8u+WkxKiOgCeTtF6P6NwmdjEh43fgXeH0nAA1jfrSgZgIhLuks6ixZX5vG
# 6D26JNlgT9dyXJg0Xpd3Nn/MP/hTmnFPgxlCbMEa8Oz7xwN0D+y1l+P+vL6LRdRg
# 0U+G6pz5QqTCb9c0cH4IOwZCX5lLQZxtRS6fhU9OEcmbqZEDAvnLzOm1YQihxtN5
# FJOZmdRraJgfYQ4FXt4KPHRJ1vqQtzXF0VFyQN5AZHgnXIXLJu5mxQ/zHR06wQSg
# tC46G4qUMtASDsPpnGZkmdLwHTd7CT9KlUuqxvrpTarIXgHAO3W5mSMRnt+KcihS
# BLPgHt9Ytgh47Y4JjEgTRe/CxWin0+9NdNm0Y/POYdTvncZqsrK4zqhr+ppPNi+s
# B9RvspiG9VArEZQ+Qv354qIzsbSp6ckIWtfNk/BFahxwBHfc+E0S67PMpkUngN5p
# MIuD/y4rRDhCMVF5/mfgf7YpAgSJtnvMh4FfeOCysgJvPNKbRBfdJFWZkf/8Cqnx
# jGTBygjVYIGLO/zjP16rBEF1Dgdhw1tAwwIDAQABo4IBNjCCATIwHQYDVR0OBBYE
# FPMG5nRrrknO4qHOhZvbl/s3I3G8MB8GA1UdIwQYMBaAFJ+nFV0AXmJdg/Tl0mWn
# G1M1GelyMF8GA1UdHwRYMFYwVKBSoFCGTmh0dHA6Ly93d3cubWljcm9zb2Z0LmNv
# bS9wa2lvcHMvY3JsL01pY3Jvc29mdCUyMFRpbWUtU3RhbXAlMjBQQ0ElMjAyMDEw
# KDEpLmNybDBsBggrBgEFBQcBAQRgMF4wXAYIKwYBBQUHMAKGUGh0dHA6Ly93d3cu
# bWljcm9zb2Z0LmNvbS9wa2lvcHMvY2VydHMvTWljcm9zb2Z0JTIwVGltZS1TdGFt
# cCUyMFBDQSUyMDIwMTAoMSkuY3J0MAwGA1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYI
# KwYBBQUHAwgwDQYJKoZIhvcNAQELBQADggIBAM1/06j3PKELmfWMLyJTs0ljf0WL
# OOHFnAlslj9i3CfremUyVNJoGl6tqfnrp+5GiMYlK/cTBmz5Gu45TZP9lEPHhUd6
# wse1yUTwaYwzWpMxpk8vwjYWtGZ/k6ingapzE100QIEKVVmafQrMV08ypFrn/RHo
# KaComHSa68iaKSAe5u+iGxq88TLIdBr3gcPj8s0p39ghoIoo/P1IDl8BrimFDgS/
# PZq5j1JSW4h3kwr0flyNZXAHEK9gAP7UJb3PsayEmU2OoG9a0o7onQB6Z+DrPbyD
# upzsb+0K2uUfj/LbvL6y27BZc2/B2xJ3WW8HgzrcC4yX1inpq79cWScbMk8Xqf+5
# ZHomFC/OHjQguB5OEuZiF/zP5oNvivY4EsbU/YHpoJNbZhCS3tOlSfMjRwoavbXc
# Jsq0aT844gdKwM7FqyZ4Yn4WJQkKJXXnCHdplP9VP8+Qv0TiEMEDAa3j0bzyBII7
# TH2N90NlZ1YZsQteVKYDcQ/h5NirtGuiVjTgbx8a0XSnO5m7jcDb3Noj2Uivm6Up
# HPwShAdTpy7Q/FTDQH0fxwCS9DFoy6ZFn/h8Juo1vhNw+Q9xY4jbhBiW+lu1P2nf
# V+VgSWZznCMamUCTL+eQlxPQdkQ1d6fFa0++3iByiqml4k8DdL/UPnsovfrrt6ki
# vTJXb3QTai1lsBbwMIIHcTCCBVmgAwIBAgITMwAAABXF52ueAptJmQAAAAAAFTAN
# BgkqhkiG9w0BAQsFADCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0
# b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3Jh
# dGlvbjEyMDAGA1UEAxMpTWljcm9zb2Z0IFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9y
# aXR5IDIwMTAwHhcNMjEwOTMwMTgyMjI1WhcNMzAwOTMwMTgzMjI1WjB8MQswCQYD
# VQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEe
# MBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSYwJAYDVQQDEx1NaWNyb3Nv
# ZnQgVGltZS1TdGFtcCBQQ0EgMjAxMDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCC
# AgoCggIBAOThpkzntHIhC3miy9ckeb0O1YLT/e6cBwfSqWxOdcjKNVf2AX9sSuDi
# vbk+F2Az/1xPx2b3lVNxWuJ+Slr+uDZnhUYjDLWNE893MsAQGOhgfWpSg0S3po5G
# awcU88V29YZQ3MFEyHFcUTE3oAo4bo3t1w/YJlN8OWECesSq/XJprx2rrPY2vjUm
# ZNqYO7oaezOtgFt+jBAcnVL+tuhiJdxqD89d9P6OU8/W7IVWTe/dvI2k45GPsjks
# UZzpcGkNyjYtcI4xyDUoveO0hyTD4MmPfrVUj9z6BVWYbWg7mka97aSueik3rMvr
# g0XnRm7KMtXAhjBcTyziYrLNueKNiOSWrAFKu75xqRdbZ2De+JKRHh09/SDPc31B
# mkZ1zcRfNN0Sidb9pSB9fvzZnkXftnIv231fgLrbqn427DZM9ituqBJR6L8FA6PR
# c6ZNN3SUHDSCD/AQ8rdHGO2n6Jl8P0zbr17C89XYcz1DTsEzOUyOArxCaC4Q6oRR
# RuLRvWoYWmEBc8pnol7XKHYC4jMYctenIPDC+hIK12NvDMk2ZItboKaDIV1fMHSR
# lJTYuVD5C4lh8zYGNRiER9vcG9H9stQcxWv2XFJRXRLbJbqvUAV6bMURHXLvjflS
# xIUXk8A8FdsaN8cIFRg/eKtFtvUeh17aj54WcmnGrnu3tz5q4i6tAgMBAAGjggHd
# MIIB2TASBgkrBgEEAYI3FQEEBQIDAQABMCMGCSsGAQQBgjcVAgQWBBQqp1L+ZMSa
# voKRPEY1Kc8Q/y8E7jAdBgNVHQ4EFgQUn6cVXQBeYl2D9OXSZacbUzUZ6XIwXAYD
# VR0gBFUwUzBRBgwrBgEEAYI3TIN9AQEwQTA/BggrBgEFBQcCARYzaHR0cDovL3d3
# dy5taWNyb3NvZnQuY29tL3BraW9wcy9Eb2NzL1JlcG9zaXRvcnkuaHRtMBMGA1Ud
# JQQMMAoGCCsGAQUFBwMIMBkGCSsGAQQBgjcUAgQMHgoAUwB1AGIAQwBBMAsGA1Ud
# DwQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFNX2VsuP6KJcYmjR
# PZSQW9fOmhjEMFYGA1UdHwRPME0wS6BJoEeGRWh0dHA6Ly9jcmwubWljcm9zb2Z0
# LmNvbS9wa2kvY3JsL3Byb2R1Y3RzL01pY1Jvb0NlckF1dF8yMDEwLTA2LTIzLmNy
# bDBaBggrBgEFBQcBAQROMEwwSgYIKwYBBQUHMAKGPmh0dHA6Ly93d3cubWljcm9z
# b2Z0LmNvbS9wa2kvY2VydHMvTWljUm9vQ2VyQXV0XzIwMTAtMDYtMjMuY3J0MA0G
# CSqGSIb3DQEBCwUAA4ICAQCdVX38Kq3hLB9nATEkW+Geckv8qW/qXBS2Pk5HZHix
# BpOXPTEztTnXwnE2P9pkbHzQdTltuw8x5MKP+2zRoZQYIu7pZmc6U03dmLq2HnjY
# Ni6cqYJWAAOwBb6J6Gngugnue99qb74py27YP0h1AdkY3m2CDPVtI1TkeFN1JFe5
# 3Z/zjj3G82jfZfakVqr3lbYoVSfQJL1AoL8ZthISEV09J+BAljis9/kpicO8F7BU
# hUKz/AyeixmJ5/ALaoHCgRlCGVJ1ijbCHcNhcy4sa3tuPywJeBTpkbKpW99Jo3QM
# vOyRgNI95ko+ZjtPu4b6MhrZlvSP9pEB9s7GdP32THJvEKt1MMU0sHrYUP4KWN1A
# PMdUbZ1jdEgssU5HLcEUBHG/ZPkkvnNtyo4JvbMBV0lUZNlz138eW0QBjloZkWsN
# n6Qo3GcZKCS6OEuabvshVGtqRRFHqfG3rsjoiV5PndLQTHa1V1QJsWkBRH58oWFs
# c/4Ku+xBZj1p/cvBQUl+fpO+y/g75LcVv7TOPqUxUYS8vwLBgqJ7Fx0ViY1w/ue1
# 0CgaiQuPNtq6TPmb/wrpNPgkNWcr4A245oyZ1uEi6vAnQj0llOZ0dFtq0Z4+7X6g
# MTN9vMvpe784cETRkPHIqzqKOghif9lwY1NNje6CbaUFEMFxBmoQtB1VM1izoXBm
# 8qGCAtYwggI/AgEBMIIBAKGB2KSB1TCB0jELMAkGA1UEBhMCVVMxEzARBgNVBAgT
# Cldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29m
# dCBDb3Jwb3JhdGlvbjEtMCsGA1UECxMkTWljcm9zb2Z0IElyZWxhbmQgT3BlcmF0
# aW9ucyBMaW1pdGVkMSYwJAYDVQQLEx1UaGFsZXMgVFNTIEVTTjpEMDgyLTRCRkQt
# RUVCQTElMCMGA1UEAxMcTWljcm9zb2Z0IFRpbWUtU3RhbXAgU2VydmljZaIjCgEB
# MAcGBSsOAwIaAxUAPk0vggR250gHB0agJpXRYFtBmmqggYMwgYCkfjB8MQswCQYD
# VQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEe
# MBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSYwJAYDVQQDEx1NaWNyb3Nv
# ZnQgVGltZS1TdGFtcCBQQ0EgMjAxMDANBgkqhkiG9w0BAQUFAAIFAOXad5IwIhgP
# MjAyMjAzMTUxMDI1MjJaGA8yMDIyMDMxNjEwMjUyMlowdjA8BgorBgEEAYRZCgQB
# MS4wLDAKAgUA5dp3kgIBADAJAgEAAgF+AgH/MAcCAQACAhHOMAoCBQDl28kSAgEA
# MDYGCisGAQQBhFkKBAIxKDAmMAwGCisGAQQBhFkKAwKgCjAIAgEAAgMHoSChCjAI
# AgEAAgMBhqAwDQYJKoZIhvcNAQEFBQADgYEAOrqs9j1HoocsBouchIrl06PNNNJ+
# ko1crJmdc/TA20jxG9ADpmoJO7KmngiXEoMcmp8GC+gqv5j6CxYpdNeiPN069NxT
# 8WzUpAYrutS/S8SCjbpKfmVErMhCxDF5nRf+BJGxeuVVvqTkz9QkF/dWDuIztrcq
# 0w9sV9tzXSmnb0sxggQNMIIECQIBATCBkzB8MQswCQYDVQQGEwJVUzETMBEGA1UE
# CBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9z
# b2Z0IENvcnBvcmF0aW9uMSYwJAYDVQQDEx1NaWNyb3NvZnQgVGltZS1TdGFtcCBQ
# Q0EgMjAxMAITMwAAAY/zUajrWnLdzAABAAABjzANBglghkgBZQMEAgEFAKCCAUow
# GgYJKoZIhvcNAQkDMQ0GCyqGSIb3DQEJEAEEMC8GCSqGSIb3DQEJBDEiBCAaKZFU
# pUKyATgSFzM1R/LQCpWHb+4ioebHuirg/2Aj1TCB+gYLKoZIhvcNAQkQAi8xgeow
# gecwgeQwgb0EIJdyBU/ixsYLlY4ipttiLZjunRQ1lvJ0obujuoPMhccfMIGYMIGA
# pH4wfDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcT
# B1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UE
# AxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAgUENBIDIwMTACEzMAAAGP81Go61py3cwA
# AQAAAY8wIgQgPDL/DHu2XgCHngGk7N2p44YGNArU33CdTMiGylhd6RwwDQYJKoZI
# hvcNAQELBQAEggIAG7rtO3cJ4T9/+lMByK9bRla7ye3Ha6N/kC+Decenwnatnc7v
# L+wn2YPxEMX0l14otkQ41HZ98pktIXHBoAdOvBfohty6Yu1k7TztAuZScb5dh5aQ
# BcGZOFPAlxEqRjh3rtZ9n91smbjOh1gzCdr3n1xgPhSPIx/pU47zUErpomB/Y46O
# rH+v69UywaPyxrlusu1iA3/hUF3LAjpl9IqKabJZXpWOOF0wl290qtQ2t1XCS97T
# v6LPDnPMSouQiCTRjvZlTsruXmXK4M2oEP7PHKx3n0ikTZLkTZQMDmPZdofFQ7Is
# MDWE6VAchA7dO76LLMK5k3qR4pi2Fg5BybhoqmCEZufFJAXBGBk0T7PYw24c/qa+
# 4S3DYc9qUPf0GpzR/8TgDT6YE8aYGUrtwbEepbDLmC58DgTY/4U4S6vXF8zFq4cY
# A29savIoBTnUGr0rperDA3vhk7ZO4ZYTc5ZlZdzJmh2ul6Q1tM/z7Ds0OmEWAeON
# pd/iJOtBa7V3ijoDuf0w/FgDvWcT140YeCr3MNK8K2pBmiPcIHvFrCdlVrekiSdo
# 5wQWy8jKBNRuDOemC3zFsr5D0OHzUNHBj7E/amZMRDsWNs7+TAybfAbJMVS6Jch6
# HtBHFpEqvQJWFz3CKmycvAU8FWeqnMnrkKo6JkROx4J4nxxOtlMaViVyJJM=
# SIG # End signature block