Internal/Collector/AzureAD/Get-AADConditionalAccessSplit.ps1

Function Get-AADConditionalAccessSplit(){
    <#
    .SYNOPSIS
    This function is used to get the all conditional access policies from the Graph API REST interface
    .DESCRIPTION
    The function connects to the Graph API Interface and gets the conditional access policies
    .EXAMPLE
    Get-AADConditionalAccessSplit
    Returns the Conditional Access Policies in Azure AD
    .NOTES
    NAME: Get-AADConditionalAccessSplit
    #>

    [OutputType('DocSection')]
    [cmdletbinding()]
    param()

    $DocSec = New-Object DocSection

    $DocSec.Title = "Conditional Access Policies"
    $DocSec.Text = "This section contains a list of all conditional Access policies configured in Azure AD."

    $ReturnObj = @()

    $Policies = Invoke-DocGraph -Path "/identity/conditionalAccess/policies" -Beta 
    foreach($CAPolicy in $Policies.Value){

        $DocSecSingle = New-Object DocSection
        $DocSecSingle.Title = $CAPolicy.displayName
        $DocSecSingle.SubSections = @()



        $ResultCAPolicy = New-Object -Type PSObject
        $ResultCAPolicy | Add-Member Noteproperty "M_Id" $CAPolicy.id
        $ResultCAPolicy | Add-Member Noteproperty "M_DisplayName" $CAPolicy.displayName
        $ResultCAPolicy | Add-Member Noteproperty "M_Created" $CAPolicy.createdDateTime
        $ResultCAPolicy | Add-Member Noteproperty "M_Modified" $CAPolicy.modifiedDateTime
        $ResultCAPolicy | Add-Member Noteproperty "M_State" $CAPolicy.state
        $ResultCAPolicy | Add-Member Noteproperty "C_SignInRiskLevel" ($CAPolicy.conditions.signInRiskLevels -join ",")
        $ResultCAPolicy | Add-Member Noteproperty "C_ClientAppTypes" ($CAPolicy.conditions.clientAppTypes -join ",")
        $ResultCAPolicy | Add-Member Noteproperty "C_PlatformsInclude" ($CAPolicy.conditions.platforms.includePlatforms -join ",")
        $ResultCAPolicy | Add-Member Noteproperty "C_PlatformsExclude" ($CAPolicy.conditions.platforms.excludePlatforms -join ",")
        $ResultCAPolicy | Add-Member Noteproperty "C_LocationsInclude" ($CAPolicy.conditions.locations.includeLocations -join ",")
        $ResultCAPolicy | Add-Member Noteproperty "C_LocationsExclude" ($CAPolicy.conditions.locations.excludeLocations -join ",")
        $ResultCAPolicy | Add-Member Noteproperty "C_DeviceStates" ($CAPolicy.conditions.deviceStates -join ",")
        $ResultCAPolicy | Add-Member Noteproperty "C_Devices" ($CAPolicy.conditions.devices -join ",")
        
        # Application Condition
        $IncludeApps = @()
        foreach($app in $CAPolicy.conditions.applications.includeApplications){
            $IncludeApps += Get-AzureADApplicationName -AppId $app
        }
        $ResultCAPolicy | Add-Member Noteproperty "C_ApplicationsInclude" ($IncludeApps -join [System.Environment]::NewLine)

        $ExcludeApps = @()
        foreach($app in $CAPolicy.conditions.applications.excludeApplications){
            $ExcludeApps += Get-AzureADApplicationName -AppId $app
        }
        $ResultCAPolicy | Add-Member Noteproperty "C_ApplicationsExclude" ($ExcludeApps -join [System.Environment]::NewLine)

        $ResultCAPolicy | Add-Member Noteproperty "C_ApplicationsIncludeUserActions" ($CAPolicy.conditions.applications.includeUserActions -join ",")

        #User Conditions
        $IncludeUsers = @()
        foreach($user in $CAPolicy.conditions.users.includeUsers){
            $IncludeUsers += Get-AzureADUser -UserId $user
        }
        $ResultCAPolicy | Add-Member Noteproperty "C_UsersInclude" ($IncludeUsers -join [System.Environment]::NewLine)

        $ExcludeUsers = @()
        foreach($user in $CAPolicy.conditions.users.excludeUsers){
            $ExcludeUsers += Get-AzureADUser -UserId $user
        }
        $ResultCAPolicy | Add-Member Noteproperty "C_UsersExclude" ($ExcludeUsers -join [System.Environment]::NewLine)

        # Group Conditions
        $IncludeGroups = @()
        foreach($group in $CAPolicy.conditions.users.includeGroups){
            $IncludeGroups += (Invoke-DocGraph -Path "/groups/$($group)").displayName
        }
        $ResultCAPolicy | Add-Member Noteproperty "C_UsersIncludeGroups" ($IncludeGroups -join [System.Environment]::NewLine)

        $ExcludeApps = @()
        foreach($group in $CAPolicy.conditions.users.excludeGroups){
            $ExcludeGroups += (Invoke-DocGraph -Path "/groups/$($group)").displayName
        }
        $ResultCAPolicy | Add-Member Noteproperty "C_UsersExcludeGroups" ($ExcludeGroups -join [System.Environment]::NewLine)

        # Role Conditions
        $IncludeRoles = @()
        foreach($role in $CAPolicy.conditions.users.includeRoles){
            $IncludeRoles += Get-AzureADRole -RoleId $role
        }
        $ResultCAPolicy | Add-Member Noteproperty "C_UsersIncludeRoles" ($IncludeRoles -join [System.Environment]::NewLine)

        $ExcludeApps = @()
        foreach($role in $CAPolicy.conditions.users.excludeRoles){
            $ExcludeRoles += Get-AzureADRole -RoleId $role
        }
        $ResultCAPolicy | Add-Member Noteproperty "C_UsersExcludeRoles" ($ExcludeRoles -join [System.Environment]::NewLine)

        $ResultCAPolicy | Add-Member Noteproperty "G_Operator" $CAPolicy.grantControls.operator
        $ResultCAPolicy | Add-Member Noteproperty "G_BuiltInControls" ($CAPolicy.grantControls.builtInControls -join ",")
        $ResultCAPolicy | Add-Member Noteproperty "G_CustomControls" ($CAPolicy.grantControls.customAuthenticationFactors -join ",")
        $ResultCAPolicy | Add-Member Noteproperty "G_TermsOfUse" ($CAPolicy.grantControls.termsOfUse -join ",")
        $ResultCAPolicy | Add-Member Noteproperty "S_ApplicationEnforcedRestriction" ($CAPolicy.sessionControls.applicationEnforcedRestrictions.isEnabled)
        $ResultCAPolicy | Add-Member Noteproperty "S_CloudAppSecurity" ($CAPolicy.sessionControls.cloudAppSecurity.isEnabled)
        $ResultCAPolicy | Add-Member Noteproperty "S_CloudAppSecurityType" ($CAPolicy.sessionControls.cloudAppSecurity.cloudAppSecurityTyp)
        $ResultCAPolicy | Add-Member Noteproperty "S_PersistentBrowser" ($CAPolicy.sessionControls.persistentBrowser.isEnabled)
        $ResultCAPolicy | Add-Member Noteproperty "S_PersistentBrowserMode" ($CAPolicy.sessionControls.persistentBrowser.mode)
        $ResultCAPolicy | Add-Member Noteproperty "S_SignInFrequency" ($CAPolicy.sessionControls.signInFrequency.isEnabled)
        $ResultCAPolicy | Add-Member Noteproperty "S_SignInFrequencyTimeframe" ("" + $CAPolicy.sessionControls.signInFrequency.value +" "+ $CAPolicy.sessionControls.signInFrequency.type)
        
      

        $DocSecSingle1 = New-Object DocSection
        $DocSecSingle1.Title = "Metadata"
        $ht2 = @{}
        $ResultCAPolicy.psobject.properties | Where-Object { $_.Name -like "M_*" } | ForEach-Object { $ht2[($_.Name.Replace("M_",""))] = ($(if($null -eq $_.Value){""}else{$_.Value})) }
        $DocSecSingle1.Objects = ($ht2.GetEnumerator() | Sort-Object -Property Name | Select-Object Name,Value)
        $DocSecSingle.SubSections += $DocSecSingle1


        $DocSecSingle2 = New-Object DocSection
        $DocSecSingle2.Title = "Conditions"
        $ht2 = @{}
        $ResultCAPolicy.psobject.properties | Where-Object { $_.Name -like "C_*" } | ForEach-Object { $ht2[($_.Name.Replace("C_",""))] = ($(if($null -eq $_.Value){""}else{$_.Value})) }
        $DocSecSingle2.Objects = ($ht2.GetEnumerator() | Sort-Object -Property Name | Select-Object Name,Value)
        $DocSecSingle.SubSections += $DocSecSingle2


        $DocSecSingle3 = New-Object DocSection
        $DocSecSingle3.Title = "Grant Controls"
        $ht2 = @{}
        $ResultCAPolicy.psobject.properties | Where-Object { $_.Name -like "G_*" } | ForEach-Object { $ht2[($_.Name.Replace("G_",""))] = ($(if($null -eq $_.Value){""}else{$_.Value})) }
        $DocSecSingle3.Objects = ($ht2.GetEnumerator() | Sort-Object -Property Name | Select-Object Name,Value)
        $DocSecSingle.SubSections += $DocSecSingle3

        $DocSecSingle4 = New-Object DocSection
        $DocSecSingle4.Title = "Session Controls"
        $ht2 = @{}
        $ResultCAPolicy.psobject.properties | Where-Object { $_.Name -like "S_*" } | ForEach-Object { $ht2[($_.Name.Replace("S_",""))] = ($(if($null -eq $_.Value){""}else{$_.Value})) }
        $DocSecSingle4.Objects = ($ht2.GetEnumerator() | Sort-Object -Property Name | Select-Object Name,Value)
        $DocSecSingle.SubSections += $DocSecSingle4

        $ReturnObj += $DocSecSingle
    } 
    $DocSec.SubSections = $ReturnObj

    return $DocSec
}
# SIG # Begin signature block
# MIIbhQYJKoZIhvcNAQcCoIIbdjCCG3ICAQExCzAJBgUrDgMCGgUAMGkGCisGAQQB
# gjcCAQSgWzBZMDQGCisGAQQBgjcCAR4wJgIDAQAABBAfzDtgWUsITrck0sYpfvNR
# AgEAAgEAAgEAAgEAAgEAMCEwCQYFKw4DAhoFAAQU032A18/YWxkA095p+hDEkqWL
# 94egghahMIIE/jCCA+agAwIBAgIQDUJK4L46iP9gQCHOFADw3TANBgkqhkiG9w0B
# AQsFADByMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYD
# VQQLExB3d3cuZGlnaWNlcnQuY29tMTEwLwYDVQQDEyhEaWdpQ2VydCBTSEEyIEFz
# c3VyZWQgSUQgVGltZXN0YW1waW5nIENBMB4XDTIxMDEwMTAwMDAwMFoXDTMxMDEw
# NjAwMDAwMFowSDELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDkRpZ2lDZXJ0LCBJbmMu
# MSAwHgYDVQQDExdEaWdpQ2VydCBUaW1lc3RhbXAgMjAyMTCCASIwDQYJKoZIhvcN
# AQEBBQADggEPADCCAQoCggEBAMLmYYRnxYr1DQikRcpja1HXOhFCvQp1dU2UtAxQ
# tSYQ/h3Ib5FrDJbnGlxI70Tlv5thzRWRYlq4/2cLnGP9NmqB+in43Stwhd4CGPN4
# bbx9+cdtCT2+anaH6Yq9+IRdHnbJ5MZ2djpT0dHTWjaPxqPhLxs6t2HWc+xObTOK
# fF1FLUuxUOZBOjdWhtyTI433UCXoZObd048vV7WHIOsOjizVI9r0TXhG4wODMSlK
# XAwxikqMiMX3MFr5FK8VX2xDSQn9JiNT9o1j6BqrW7EdMMKbaYK02/xWVLwfoYer
# vnpbCiAvSwnJlaeNsvrWY4tOpXIc7p96AXP4Gdb+DUmEvQECAwEAAaOCAbgwggG0
# MA4GA1UdDwEB/wQEAwIHgDAMBgNVHRMBAf8EAjAAMBYGA1UdJQEB/wQMMAoGCCsG
# AQUFBwMIMEEGA1UdIAQ6MDgwNgYJYIZIAYb9bAcBMCkwJwYIKwYBBQUHAgEWG2h0
# dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAfBgNVHSMEGDAWgBT0tuEgHf4prtLk
# YaWyoiWyyBc1bjAdBgNVHQ4EFgQUNkSGjqS6sGa+vCgtHUQ23eNqerwwcQYDVR0f
# BGowaDAyoDCgLoYsaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NoYTItYXNzdXJl
# ZC10cy5jcmwwMqAwoC6GLGh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zaGEyLWFz
# c3VyZWQtdHMuY3JsMIGFBggrBgEFBQcBAQR5MHcwJAYIKwYBBQUHMAGGGGh0dHA6
# Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBPBggrBgEFBQcwAoZDaHR0cDovL2NhY2VydHMu
# ZGlnaWNlcnQuY29tL0RpZ2lDZXJ0U0hBMkFzc3VyZWRJRFRpbWVzdGFtcGluZ0NB
# LmNydDANBgkqhkiG9w0BAQsFAAOCAQEASBzctemaI7znGucgDo5nRv1CclF0CiNH
# o6uS0iXEcFm+FKDlJ4GlTRQVGQd58NEEw4bZO73+RAJmTe1ppA/2uHDPYuj1UUp4
# eTZ6J7fz51Kfk6ftQ55757TdQSKJ+4eiRgNO/PT+t2R3Y18jUmmDgvoaU+2QzI2h
# F3MN9PNlOXBL85zWenvaDLw9MtAby/Vh/HUIAHa8gQ74wOFcz8QRcucbZEnYIpp1
# FUL1LTI4gdr0YKK6tFL7XOBhJCVPst/JKahzQ1HavWPWH1ub9y4bTxMd90oNcX6X
# t/Q/hOvB46NJofrOp79Wz7pZdmGJX36ntI5nePk2mOHLKNpbh6aKLzCCBTEwggQZ
# oAMCAQICEAqhJdbWMht+QeQF2jaXwhUwDQYJKoZIhvcNAQELBQAwZTELMAkGA1UE
# BhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3LmRpZ2lj
# ZXJ0LmNvbTEkMCIGA1UEAxMbRGlnaUNlcnQgQXNzdXJlZCBJRCBSb290IENBMB4X
# DTE2MDEwNzEyMDAwMFoXDTMxMDEwNzEyMDAwMFowcjELMAkGA1UEBhMCVVMxFTAT
# BgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3LmRpZ2ljZXJ0LmNvbTEx
# MC8GA1UEAxMoRGlnaUNlcnQgU0hBMiBBc3N1cmVkIElEIFRpbWVzdGFtcGluZyBD
# QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL3QMu5LzY9/3am6gpnF
# OVQoV7YjSsQOB0UzURB90Pl9TWh+57ag9I2ziOSXv2MhkJi/E7xX08PhfgjWahQA
# OPcuHjvuzKb2Mln+X2U/4Jvr40ZHBhpVfgsnfsCi9aDg3iI/Dv9+lfvzo7oiPhis
# EeTwmQNtO4V8CdPuXciaC1TjqAlxa+DPIhAPdc9xck4Krd9AOly3UeGheRTGTSQj
# MF287DxgaqwvB8z98OpH2YhQXv1mblZhJymJhFHmgudGUP2UKiyn5HU+upgPhH+f
# MRTWrdXyZMt7HgXQhBlyF/EXBu89zdZN7wZC/aJTKk+FHcQdPK/P2qwQ9d2srOlW
# /5MCAwEAAaOCAc4wggHKMB0GA1UdDgQWBBT0tuEgHf4prtLkYaWyoiWyyBc1bjAf
# BgNVHSMEGDAWgBRF66Kv9JLLgjEtUYunpyGd823IDzASBgNVHRMBAf8ECDAGAQH/
# AgEAMA4GA1UdDwEB/wQEAwIBhjATBgNVHSUEDDAKBggrBgEFBQcDCDB5BggrBgEF
# BQcBAQRtMGswJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBD
# BggrBgEFBQcwAoY3aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0
# QXNzdXJlZElEUm9vdENBLmNydDCBgQYDVR0fBHoweDA6oDigNoY0aHR0cDovL2Ny
# bDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0QXNzdXJlZElEUm9vdENBLmNybDA6oDig
# NoY0aHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0QXNzdXJlZElEUm9v
# dENBLmNybDBQBgNVHSAESTBHMDgGCmCGSAGG/WwAAgQwKjAoBggrBgEFBQcCARYc
# aHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzALBglghkgBhv1sBwEwDQYJKoZI
# hvcNAQELBQADggEBAHGVEulRh1Zpze/d2nyqY3qzeM8GN0CE70uEv8rPAwL9xafD
# DiBCLK938ysfDCFaKrcFNB1qrpn4J6JmvwmqYN92pDqTD/iy0dh8GWLoXoIlHsS6
# HHssIeLWWywUNUMEaLLbdQLgcseY1jxk5R9IEBhfiThhTWJGJIdjjJFSLK8pieV4
# H9YLFKWA1xJHcLN11ZOFk362kmf7U2GJqPVrlsD0WGkNfMgBsbkodbeZY4UijGHK
# eZR+WfyMD+NvtQEmtmyl7odRIeRYYJu6DC0rbaLEfrvEJStHAgh8Sa4TtuF8QkIo
# xhhWz0E0tmZdtnR79VYzIi8iNrJLokqV2PWmjlIwggWtMIIElaADAgECAhAEP0tn
# 9l4Sf9gdog2gb/SWMA0GCSqGSIb3DQEBBQUAMGUxCzAJBgNVBAYTAlVTMRUwEwYD
# VQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xJDAi
# BgNVBAMTG0RpZ2lDZXJ0IEVWIENvZGUgU2lnbmluZyBDQTAeFw0yMDAzMDYwMDAw
# MDBaFw0yMzAzMTUxMjAwMDBaMIHOMRMwEQYLKwYBBAGCNzwCAQMTAkNIMRowGAYL
# KwYBBAGCNzwCAQITCVNvbG90aHVybjEdMBsGA1UEDwwUUHJpdmF0ZSBPcmdhbml6
# YXRpb24xGDAWBgNVBAUTD0NIRS0zMTQuNjM5LjUyMzELMAkGA1UEBhMCQ0gxEjAQ
# BgNVBAgTCVNvbG90aHVybjERMA8GA1UEBwwIRMOkbmlrZW4xFjAUBgNVBAoTDWJh
# c2VWSVNJT04gQUcxFjAUBgNVBAMTDWJhc2VWSVNJT04gQUcwggEiMA0GCSqGSIb3
# DQEBAQUAA4IBDwAwggEKAoIBAQCn0xZCT8yT681HZVY8gtUlURKywy8Nfq8uiv/j
# JJU+/Tf4HHXXJzHo96ZFo/WOWMD3WMWRYRnpj95PZbfLaF+ki/PURRhp9/oT/p5O
# 3zTv4Jqnig7AOeIL5dt9W5Uij9rDOEZhmFpVT08KCKhMNMMu7MhBs+uHBlyQ70j5
# H2IjBjePtEDYcakbv1RNDK5hU+k2UqKZEQSaqt2+riewxS2R4RUvZJ5nRraf4pNY
# qDdem2H0vJ17zHsG+ZB0YFLk/P3i6r4tJEAksYAUkuJsFDt0Yz9xM2qmG2Rr4iw7
# AUTfE5Gx0NNWD/fMWFP/2sD3VkHA8Mz8PAokDfFz21OqYrXPAgMBAAGjggHtMIIB
# 6TAfBgNVHSMEGDAWgBStaQZw/IAbFrOpGJRrlAKGXvcnjDAdBgNVHQ4EFgQURdlk
# /2RkqKDvZs8sol0UhzmJTCowNwYDVR0RBDAwLqAsBggrBgEFBQcIA6AgMB4MHENI
# LVNPTE9USFVSTi1DSEUtMzE0LjYzOS41MjMwDgYDVR0PAQH/BAQDAgeAMBMGA1Ud
# JQQMMAoGCCsGAQUFBwMDMHMGA1UdHwRsMGowM6AxoC+GLWh0dHA6Ly9jcmwzLmRp
# Z2ljZXJ0LmNvbS9FVkNvZGVTaWduaW5nLWcxLmNybDAzoDGgL4YtaHR0cDovL2Ny
# bDQuZGlnaWNlcnQuY29tL0VWQ29kZVNpZ25pbmctZzEuY3JsMEsGA1UdIAREMEIw
# NwYJYIZIAYb9bAMCMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0
# LmNvbS9DUFMwBwYFZ4EMAQMweQYIKwYBBQUHAQEEbTBrMCQGCCsGAQUFBzABhhho
# dHRwOi8vb2NzcC5kaWdpY2VydC5jb20wQwYIKwYBBQUHMAKGN2h0dHA6Ly9jYWNl
# cnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEVWQ29kZVNpZ25pbmdDQS5jcnQwDAYD
# VR0TAQH/BAIwADANBgkqhkiG9w0BAQUFAAOCAQEAGYerL9YA8gW4cx7nWEaDFpN2
# XnaY4+90Nl8gaj6aeQj6kwIfjWLWAzByDdVNvxSkrwXdfo3dkG5DNNI3wPR2SE2i
# yImDF6zXTThccBqkwE1x1Tb5qfhaA48jf18f8JbvVgvtbZWXph1b+ALyD2911b34
# Qt6cYmolg19vkmWXZUADRjA11S3VHhhH4GLKeHoE23jSSs69tQPNC1jdS+Rx6yO/
# Ya14UrDwOrJo1qSn2xTilf9s77mSxRJCpL8Cd1PUHPvugUFHLw9nqOQAMUb7cHdD
# UREs7Brvfcyo0qRx7lyKjIM1d0wGtiBz+8kQJcSCdK9S8HGSD3y4R1N++Y8gYTCC
# BrUwggWdoAMCAQICEA3Q4zdKyVvb+mtDSypI7AYwDQYJKoZIhvcNAQEFBQAwbDEL
# MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3
# LmRpZ2ljZXJ0LmNvbTErMCkGA1UEAxMiRGlnaUNlcnQgSGlnaCBBc3N1cmFuY2Ug
# RVYgUm9vdCBDQTAeFw0xMjA0MTgxMjAwMDBaFw0yNzA0MTgxMjAwMDBaMGUxCzAJ
# BgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5k
# aWdpY2VydC5jb20xJDAiBgNVBAMTG0RpZ2lDZXJ0IEVWIENvZGUgU2lnbmluZyBD
# QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALkGdBxdtCCqqSGoKkJG
# qyUgFyXLIo+QoqAxa4MFda+yDnwSSXtqhmSED4PcZLmxbhYFPhyVuefniG24YoGQ
# edTd9eKW+cO1iCNXShrPcSnpCACPtZjjpzL9rC649JNT9Ao5Q5Gv1Wvo1J9GvY49
# q+L5K9TqAEBmJLfof7REdY14mq4xwTfPTh9b+EVK1z/CyZIGZL7eBoqv0OiKsfAs
# iABvC9yFp0zLBr/WLioybilxr44i8w/Q2JhILagIy7aLI8Jj4LZz6299Jk+L9zQ9
# N4YMt3gn9MKG20NrWvg9PfTosGJWxufteKH7/XpyTzJlxHzDxHegBDIy7Y8/r4bd
# ftECAwEAAaOCA1gwggNUMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQD
# AgGGMBMGA1UdJQQMMAoGCCsGAQUFBwMDMH8GCCsGAQUFBwEBBHMwcTAkBggrBgEF
# BQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEkGCCsGAQUFBzAChj1odHRw
# Oi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRIaWdoQXNzdXJhbmNlRVZS
# b290Q0EuY3J0MIGPBgNVHR8EgYcwgYQwQKA+oDyGOmh0dHA6Ly9jcmwzLmRpZ2lj
# ZXJ0LmNvbS9EaWdpQ2VydEhpZ2hBc3N1cmFuY2VFVlJvb3RDQS5jcmwwQKA+oDyG
# Omh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEhpZ2hBc3N1cmFuY2VF
# VlJvb3RDQS5jcmwwggHEBgNVHSAEggG7MIIBtzCCAbMGCWCGSAGG/WwDAjCCAaQw
# OgYIKwYBBQUHAgEWLmh0dHA6Ly93d3cuZGlnaWNlcnQuY29tL3NzbC1jcHMtcmVw
# b3NpdG9yeS5odG0wggFkBggrBgEFBQcCAjCCAVYeggFSAEEAbgB5ACAAdQBzAGUA
# IABvAGYAIAB0AGgAaQBzACAAQwBlAHIAdABpAGYAaQBjAGEAdABlACAAYwBvAG4A
# cwB0AGkAdAB1AHQAZQBzACAAYQBjAGMAZQBwAHQAYQBuAGMAZQAgAG8AZgAgAHQA
# aABlACAARABpAGcAaQBDAGUAcgB0ACAAQwBQAC8AQwBQAFMAIABhAG4AZAAgAHQA
# aABlACAAUgBlAGwAeQBpAG4AZwAgAFAAYQByAHQAeQAgAEEAZwByAGUAZQBtAGUA
# bgB0ACAAdwBoAGkAYwBoACAAbABpAG0AaQB0ACAAbABpAGEAYgBpAGwAaQB0AHkA
# IABhAG4AZAAgAGEAcgBlACAAaQBuAGMAbwByAHAAbwByAGEAdABlAGQAIABoAGUA
# cgBlAGkAbgAgAGIAeQAgAHIAZQBmAGUAcgBlAG4AYwBlAC4wHQYDVR0OBBYEFK1p
# BnD8gBsWs6kYlGuUAoZe9yeMMB8GA1UdIwQYMBaAFLE+w2kD+L9HAdSYJhoIAu9j
# ZCvDMA0GCSqGSIb3DQEBBQUAA4IBAQCeW5Y6LhKIrKsBbaSfdeQBh6OlMte8uql+
# o9YUF/fCE2t8c48rauUPJllosI4lm2zv+myTkgjBTc9FnpxG1h50oZsUo/oBL0qx
# AeFyQEgRE2i5Np2RS9fCORIQwcTcu2IUFCphXU84fGYfxhv/rb5Pf5Rbc0MAD01z
# t1HPDvZ3wFvNNIzZYxOqDmER1vKOJ/y0e7i5ESCRhnjqDtQo/yrVJDjoN7Lslruf
# vEoWUOFev1F9I6Ayx8GUnnrJwCaizCWHoBJ+dJ8tjbHI54S+udHp3rtqTohzceEi
# OMskh+lzflGy/5jrTn4v4MoO+rNe0boFQqhIn4P2P8TKqN9ooFBhMYIETjCCBEoC
# AQEweTBlMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYD
# VQQLExB3d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBFViBDb2Rl
# IFNpZ25pbmcgQ0ECEAQ/S2f2XhJ/2B2iDaBv9JYwCQYFKw4DAhoFAKB4MBgGCisG
# AQQBgjcCAQwxCjAIoAKAAKECgAAwGQYJKoZIhvcNAQkDMQwGCisGAQQBgjcCAQQw
# HAYKKwYBBAGCNwIBCzEOMAwGCisGAQQBgjcCARUwIwYJKoZIhvcNAQkEMRYEFAqX
# 7GgP2SPmzCcvZ9jVj8kVgZ4yMA0GCSqGSIb3DQEBAQUABIIBAIa+LKrm5B+egYuV
# FyfiQX2lCKaNlcKc4HcxujRy0avlyBtR5sJ4euQpSmrrm0LQ6pPEVPNYQcuWVL79
# ERZGYjm5JQOMWdLKZkiR6OGIgA6ml3co90iu8dvm69n1Iu8RNZZnCxhe7iy7KaTs
# FVsZ+j+UXK6D/zOLjJMvn4uTqSMrR7U08939rxpqLWYETpY1Kiyy0oJSZ/uhuWm9
# IJXIQQdVzlRRmabtVuBde4yYzPBr6WEk/7cYEe6Q2zYPIqychxxYs2gLmvjlXmwM
# N/oOgyu41J4DCABu7bCMrtUtAJohIf9rcJtHI2KEEs6PaUzc1Z9gMbaFTn0ImyW/
# b/5ODNGhggIwMIICLAYJKoZIhvcNAQkGMYICHTCCAhkCAQEwgYYwcjELMAkGA1UE
# BhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3LmRpZ2lj
# ZXJ0LmNvbTExMC8GA1UEAxMoRGlnaUNlcnQgU0hBMiBBc3N1cmVkIElEIFRpbWVz
# dGFtcGluZyBDQQIQDUJK4L46iP9gQCHOFADw3TANBglghkgBZQMEAgEFAKBpMBgG
# CSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTIxMDgwODEy
# MDc0MVowLwYJKoZIhvcNAQkEMSIEIBaJBF6GAh0y1/h6TmwYz34v8gFLjUwD8zKw
# hJv/XmYLMA0GCSqGSIb3DQEBAQUABIIBADfEEswualr5UQHU05dRHdOgW1RJTd63
# C2wgNU9cqzaIxttAGnAitTRq4IoCM3E0BrXOErS0dDCg/0om9HVyGw9pdVEzD18x
# jkho22eKD7iOpGYOhz0ByvDvSmQQtUOEEZhUPvaoM8oqVojJ8O5gqpObOtGlquxn
# 1u++oTRMkTPKVEE8OgUza2WbB28qhkcy72xnWzPhJhJ1bJSyyU8ezsScRb3A2ky/
# Me+oFqtVFAZyZj3f3oqLxXCXoYfAAOgPz5KoeaJm0fzdA/W26AYBuDlz+7VBdUgu
# Yp+eJRGOD80i6BdiCDIYWjrGt0P8PwX8f8rL496fskO9P7S9+dPCm0Y=
# SIG # End signature block