M365Documentation

3.2.2

Internal/Collector/AzureAD/Get-AADConditionalAccessSplit.ps1

                                Function Get-AADConditionalAccessSplit(){

    <#

    .SYNOPSIS

    This function is used to get the all conditional access policies from the Graph API REST interface

    .DESCRIPTION

    The function connects to the Graph API Interface and gets the conditional access policies

    .EXAMPLE

    Get-AADConditionalAccessSplit

    Returns the Conditional Access Policies in Azure AD

    .NOTES

    NAME: Get-AADConditionalAccessSplit

    #>

    [OutputType('DocSection')]

    [cmdletbinding()]

    param()

    $DocSec = New-Object DocSection

    $DocSec.Title = "Conditional Access Policies"

    $DocSec.Text = "This section contains a list of all conditional Access policies configured in Azure AD."

    $ReturnObj = @()

    $Policies = Invoke-DocGraph -Path "/identity/conditionalAccess/policies" -Beta 

    foreach($CAPolicy in $Policies.Value){

        $DocSecSingle = New-Object DocSection

        $DocSecSingle.Title = $CAPolicy.displayName

        $DocSecSingle.SubSections = @()

        $ResultCAPolicy = New-Object -Type PSObject

        $ResultCAPolicy | Add-Member Noteproperty "M_Id" $CAPolicy.id

        $ResultCAPolicy | Add-Member Noteproperty "M_DisplayName" $CAPolicy.displayName

        $ResultCAPolicy | Add-Member Noteproperty "M_Created" $CAPolicy.createdDateTime

        $ResultCAPolicy | Add-Member Noteproperty "M_Modified" $CAPolicy.modifiedDateTime

        $ResultCAPolicy | Add-Member Noteproperty "M_State" $CAPolicy.state

        $ResultCAPolicy | Add-Member Noteproperty "C_SignInRiskLevel" ($CAPolicy.conditions.signInRiskLevels -join ",")

        $ResultCAPolicy | Add-Member Noteproperty "C_ClientAppTypes" ($CAPolicy.conditions.clientAppTypes -join ",")

        $ResultCAPolicy | Add-Member Noteproperty "C_PlatformsInclude" ($CAPolicy.conditions.platforms.includePlatforms -join ",")

        $ResultCAPolicy | Add-Member Noteproperty "C_PlatformsExclude" ($CAPolicy.conditions.platforms.excludePlatforms -join ",")

        $ResultCAPolicy | Add-Member Noteproperty "C_LocationsInclude" ($CAPolicy.conditions.locations.includeLocations -join ",")

        $ResultCAPolicy | Add-Member Noteproperty "C_LocationsExclude" ($CAPolicy.conditions.locations.excludeLocations -join ",")

        $ResultCAPolicy | Add-Member Noteproperty "C_DeviceStates" ($CAPolicy.conditions.deviceStates -join ",")

        $ResultCAPolicy | Add-Member Noteproperty "C_Devices" ($CAPolicy.conditions.devices -join ",")

        # Application Condition

        $IncludeApps = @()

        foreach($app in $CAPolicy.conditions.applications.includeApplications){

            $IncludeApps += Get-AzureADApplicationName -AppId $app

        }

        $ResultCAPolicy | Add-Member Noteproperty "C_ApplicationsInclude" ($IncludeApps -join [System.Environment]::NewLine)

        $ExcludeApps = @()

        foreach($app in $CAPolicy.conditions.applications.excludeApplications){

            $ExcludeApps += Get-AzureADApplicationName -AppId $app

        }

        $ResultCAPolicy | Add-Member Noteproperty "C_ApplicationsExclude" ($ExcludeApps -join [System.Environment]::NewLine)

        $ResultCAPolicy | Add-Member Noteproperty "C_ApplicationsIncludeUserActions" ($CAPolicy.conditions.applications.includeUserActions -join ",")

        #User Conditions

        $IncludeUsers = @()

        foreach($user in $CAPolicy.conditions.users.includeUsers){

            $IncludeUsers += Get-AzureADUser -UserId $user

        }

        $ResultCAPolicy | Add-Member Noteproperty "C_UsersInclude" ($IncludeUsers -join [System.Environment]::NewLine)

        $ExcludeUsers = @()

        foreach($user in $CAPolicy.conditions.users.excludeUsers){

            $ExcludeUsers += Get-AzureADUser -UserId $user

        }

        $ResultCAPolicy | Add-Member Noteproperty "C_UsersExclude" ($ExcludeUsers -join [System.Environment]::NewLine)

        # Group Conditions

        $IncludeGroups = @()

        foreach($group in $CAPolicy.conditions.users.includeGroups){

            $IncludeGroups += (Invoke-DocGraph -Path "/groups/$($group)").displayName

        }

        $ResultCAPolicy | Add-Member Noteproperty "C_UsersIncludeGroups" ($IncludeGroups -join [System.Environment]::NewLine)

        $ExcludeApps = @()

        foreach($group in $CAPolicy.conditions.users.excludeGroups){

            $ExcludeGroups += (Invoke-DocGraph -Path "/groups/$($group)").displayName

        }

        $ResultCAPolicy | Add-Member Noteproperty "C_UsersExcludeGroups" ($ExcludeGroups -join [System.Environment]::NewLine)

        # Role Conditions

        $IncludeRoles = @()

        foreach($role in $CAPolicy.conditions.users.includeRoles){

            $IncludeRoles += Get-AzureADRole -RoleId $role

        }

        $ResultCAPolicy | Add-Member Noteproperty "C_UsersIncludeRoles" ($IncludeRoles -join [System.Environment]::NewLine)

        $ExcludeApps = @()

        foreach($role in $CAPolicy.conditions.users.excludeRoles){

            $ExcludeRoles += Get-AzureADRole -RoleId $role

        }

        $ResultCAPolicy | Add-Member Noteproperty "C_UsersExcludeRoles" ($ExcludeRoles -join [System.Environment]::NewLine)

        $ResultCAPolicy | Add-Member Noteproperty "G_Operator" $CAPolicy.grantControls.operator

        $ResultCAPolicy | Add-Member Noteproperty "G_BuiltInControls" ($CAPolicy.grantControls.builtInControls -join ",")

        $ResultCAPolicy | Add-Member Noteproperty "G_CustomControls" ($CAPolicy.grantControls.customAuthenticationFactors -join ",")

        $ResultCAPolicy | Add-Member Noteproperty "G_TermsOfUse" ($CAPolicy.grantControls.termsOfUse -join ",")

        $ResultCAPolicy | Add-Member Noteproperty "S_ApplicationEnforcedRestriction" ($CAPolicy.sessionControls.applicationEnforcedRestrictions.isEnabled)

        $ResultCAPolicy | Add-Member Noteproperty "S_CloudAppSecurity" ($CAPolicy.sessionControls.cloudAppSecurity.isEnabled)

        $ResultCAPolicy | Add-Member Noteproperty "S_CloudAppSecurityType" ($CAPolicy.sessionControls.cloudAppSecurity.cloudAppSecurityTyp)

        $ResultCAPolicy | Add-Member Noteproperty "S_PersistentBrowser" ($CAPolicy.sessionControls.persistentBrowser.isEnabled)

        $ResultCAPolicy | Add-Member Noteproperty "S_PersistentBrowserMode" ($CAPolicy.sessionControls.persistentBrowser.mode)

        $ResultCAPolicy | Add-Member Noteproperty "S_SignInFrequency" ($CAPolicy.sessionControls.signInFrequency.isEnabled)

        $ResultCAPolicy | Add-Member Noteproperty "S_SignInFrequencyTimeframe" ("" + $CAPolicy.sessionControls.signInFrequency.value +" "+ $CAPolicy.sessionControls.signInFrequency.type)

        $DocSecSingle1 = New-Object DocSection

        $DocSecSingle1.Title = "Metadata"

        $ht2 = @{}

        $ResultCAPolicy.psobject.properties | Where-Object { $_.Name -like "M_*" } | ForEach-Object { $ht2[($_.Name.Replace("M_",""))] = ($(if($null -eq $_.Value){""}else{$_.Value})) }

        $DocSecSingle1.Objects = ($ht2.GetEnumerator() | Sort-Object -Property Name | Select-Object Name,Value)

        $DocSecSingle.SubSections += $DocSecSingle1

        $DocSecSingle2 = New-Object DocSection

        $DocSecSingle2.Title = "Conditions"

        $ht2 = @{}

        $ResultCAPolicy.psobject.properties | Where-Object { $_.Name -like "C_*" } | ForEach-Object { $ht2[($_.Name.Replace("C_",""))] = ($(if($null -eq $_.Value){""}else{$_.Value})) }

        $DocSecSingle2.Objects = ($ht2.GetEnumerator() | Sort-Object -Property Name | Select-Object Name,Value)

        $DocSecSingle.SubSections += $DocSecSingle2

        $DocSecSingle3 = New-Object DocSection

        $DocSecSingle3.Title = "Grant Controls"

        $ht2 = @{}

        $ResultCAPolicy.psobject.properties | Where-Object { $_.Name -like "G_*" } | ForEach-Object { $ht2[($_.Name.Replace("G_",""))] = ($(if($null -eq $_.Value){""}else{$_.Value})) }

        $DocSecSingle3.Objects = ($ht2.GetEnumerator() | Sort-Object -Property Name | Select-Object Name,Value)

        $DocSecSingle.SubSections += $DocSecSingle3

        $DocSecSingle4 = New-Object DocSection

        $DocSecSingle4.Title = "Session Controls"

        $ht2 = @{}

        $ResultCAPolicy.psobject.properties | Where-Object { $_.Name -like "S_*" } | ForEach-Object { $ht2[($_.Name.Replace("S_",""))] = ($(if($null -eq $_.Value){""}else{$_.Value})) }

        $DocSecSingle4.Objects = ($ht2.GetEnumerator() | Sort-Object -Property Name | Select-Object Name,Value)

        $DocSecSingle.SubSections += $DocSecSingle4

        $ReturnObj += $DocSecSingle

    } 

    $DocSec.SubSections = $ReturnObj

    return $DocSec

}

# SIG # Begin signature block

# MIIoMgYJKoZIhvcNAQcCoIIoIzCCKB8CAQExDzANBglghkgBZQMEAgEFADB5Bgor

# BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG

# KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCDd2bQkUbCRRfXj

# tRVAsI0RlosuaN8zMildQDE1TPFisaCCITUwggWNMIIEdaADAgECAhAOmxiO+dAt

# 5+/bUOIIQBhaMA0GCSqGSIb3DQEBDAUAMGUxCzAJBgNVBAYTAlVTMRUwEwYDVQQK

# EwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xJDAiBgNV

# BAMTG0RpZ2lDZXJ0IEFzc3VyZWQgSUQgUm9vdCBDQTAeFw0yMjA4MDEwMDAwMDBa

# Fw0zMTExMDkyMzU5NTlaMGIxCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2Vy

# dCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xITAfBgNVBAMTGERpZ2lD

# ZXJ0IFRydXN0ZWQgUm9vdCBHNDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC

# ggIBAL/mkHNo3rvkXUo8MCIwaTPswqclLskhPfKK2FnC4SmnPVirdprNrnsbhA3E

# MB/zG6Q4FutWxpdtHauyefLKEdLkX9YFPFIPUh/GnhWlfr6fqVcWWVVyr2iTcMKy

# unWZanMylNEQRBAu34LzB4TmdDttceItDBvuINXJIB1jKS3O7F5OyJP4IWGbNOsF

# xl7sWxq868nPzaw0QF+xembud8hIqGZXV59UWI4MK7dPpzDZVu7Ke13jrclPXuU1

# 5zHL2pNe3I6PgNq2kZhAkHnDeMe2scS1ahg4AxCN2NQ3pC4FfYj1gj4QkXCrVYJB

# MtfbBHMqbpEBfCFM1LyuGwN1XXhm2ToxRJozQL8I11pJpMLmqaBn3aQnvKFPObUR

# WBf3JFxGj2T3wWmIdph2PVldQnaHiZdpekjw4KISG2aadMreSx7nDmOu5tTvkpI6

# nj3cAORFJYm2mkQZK37AlLTSYW3rM9nF30sEAMx9HJXDj/chsrIRt7t/8tWMcCxB

# YKqxYxhElRp2Yn72gLD76GSmM9GJB+G9t+ZDpBi4pncB4Q+UDCEdslQpJYls5Q5S

# UUd0viastkF13nqsX40/ybzTQRESW+UQUOsxxcpyFiIJ33xMdT9j7CFfxCBRa2+x

# q4aLT8LWRV+dIPyhHsXAj6KxfgommfXkaS+YHS312amyHeUbAgMBAAGjggE6MIIB

# NjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTs1+OC0nFdZEzfLmc/57qYrhwP

# TzAfBgNVHSMEGDAWgBRF66Kv9JLLgjEtUYunpyGd823IDzAOBgNVHQ8BAf8EBAMC

# AYYweQYIKwYBBQUHAQEEbTBrMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdp

# Y2VydC5jb20wQwYIKwYBBQUHMAKGN2h0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNv

# bS9EaWdpQ2VydEFzc3VyZWRJRFJvb3RDQS5jcnQwRQYDVR0fBD4wPDA6oDigNoY0

# aHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0QXNzdXJlZElEUm9vdENB

# LmNybDARBgNVHSAECjAIMAYGBFUdIAAwDQYJKoZIhvcNAQEMBQADggEBAHCgv0Nc

# Vec4X6CjdBs9thbX979XB72arKGHLOyFXqkauyL4hxppVCLtpIh3bb0aFPQTSnov

# Lbc47/T/gLn4offyct4kvFIDyE7QKt76LVbP+fT3rDB6mouyXtTP0UNEm0Mh65Zy

# oUi0mcudT6cGAxN3J0TU53/oWajwvy8LpunyNDzs9wPHh6jSTEAZNUZqaVSwuKFW

# juyk1T3osdz9HNj0d1pcVIxv76FQPfx2CWiEn2/K2yCNNWAcAgPLILCsWKAOQGPF

# mCLBsln1VWvPJ6tsds5vIy30fnFqI2si/xK4VC0nftg62fC2h5b9W9FcrBjDTZ9z

# twGpn1eqXijiuZQwggauMIIElqADAgECAhAHNje3JFR82Ees/ShmKl5bMA0GCSqG

# SIb3DQEBCwUAMGIxCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMx

# GTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xITAfBgNVBAMTGERpZ2lDZXJ0IFRy

# dXN0ZWQgUm9vdCBHNDAeFw0yMjAzMjMwMDAwMDBaFw0zNzAzMjIyMzU5NTlaMGMx

# CzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5EaWdpQ2VydCwgSW5jLjE7MDkGA1UEAxMy

# RGlnaUNlcnQgVHJ1c3RlZCBHNCBSU0E0MDk2IFNIQTI1NiBUaW1lU3RhbXBpbmcg

# Q0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDGhjUGSbPBPXJJUVXH

# JQPE8pE3qZdRodbSg9GeTKJtoLDMg/la9hGhRBVCX6SI82j6ffOciQt/nR+eDzMf

# UBMLJnOWbfhXqAJ9/UO0hNoR8XOxs+4rgISKIhjf69o9xBd/qxkrPkLcZ47qUT3w

# 1lbU5ygt69OxtXXnHwZljZQp09nsad/ZkIdGAHvbREGJ3HxqV3rwN3mfXazL6IRk

# tFLydkf3YYMZ3V+0VAshaG43IbtArF+y3kp9zvU5EmfvDqVjbOSmxR3NNg1c1eYb

# qMFkdECnwHLFuk4fsbVYTXn+149zk6wsOeKlSNbwsDETqVcplicu9Yemj052FVUm

# cJgmf6AaRyBD40NjgHt1biclkJg6OBGz9vae5jtb7IHeIhTZgirHkr+g3uM+onP6

# 5x9abJTyUpURK1h0QCirc0PO30qhHGs4xSnzyqqWc0Jon7ZGs506o9UD4L/wojzK

# QtwYSH8UNM/STKvvmz3+DrhkKvp1KCRB7UK/BZxmSVJQ9FHzNklNiyDSLFc1eSuo

# 80VgvCONWPfcYd6T/jnA+bIwpUzX6ZhKWD7TA4j+s4/TXkt2ElGTyYwMO1uKIqjB

# Jgj5FBASA31fI7tk42PgpuE+9sJ0sj8eCXbsq11GdeJgo1gJASgADoRU7s7pXche

# MBK9Rp6103a50g5rmQzSM7TNsQIDAQABo4IBXTCCAVkwEgYDVR0TAQH/BAgwBgEB

# /wIBADAdBgNVHQ4EFgQUuhbZbU2FL3MpdpovdYxqII+eyG8wHwYDVR0jBBgwFoAU

# 7NfjgtJxXWRM3y5nP+e6mK4cD08wDgYDVR0PAQH/BAQDAgGGMBMGA1UdJQQMMAoG

# CCsGAQUFBwMIMHcGCCsGAQUFBwEBBGswaTAkBggrBgEFBQcwAYYYaHR0cDovL29j

# c3AuZGlnaWNlcnQuY29tMEEGCCsGAQUFBzAChjVodHRwOi8vY2FjZXJ0cy5kaWdp

# Y2VydC5jb20vRGlnaUNlcnRUcnVzdGVkUm9vdEc0LmNydDBDBgNVHR8EPDA6MDig

# NqA0hjJodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRUcnVzdGVkUm9v

# dEc0LmNybDAgBgNVHSAEGTAXMAgGBmeBDAEEAjALBglghkgBhv1sBwEwDQYJKoZI

# hvcNAQELBQADggIBAH1ZjsCTtm+YqUQiAX5m1tghQuGwGC4QTRPPMFPOvxj7x1Bd

# 4ksp+3CKDaopafxpwc8dB+k+YMjYC+VcW9dth/qEICU0MWfNthKWb8RQTGIdDAiC

# qBa9qVbPFXONASIlzpVpP0d3+3J0FNf/q0+KLHqrhc1DX+1gtqpPkWaeLJ7giqzl

# /Yy8ZCaHbJK9nXzQcAp876i8dU+6WvepELJd6f8oVInw1YpxdmXazPByoyP6wCeC

# RK6ZJxurJB4mwbfeKuv2nrF5mYGjVoarCkXJ38SNoOeY+/umnXKvxMfBwWpx2cYT

# gAnEtp/Nh4cku0+jSbl3ZpHxcpzpSwJSpzd+k1OsOx0ISQ+UzTl63f8lY5knLD0/

# a6fxZsNBzU+2QJshIUDQtxMkzdwdeDrknq3lNHGS1yZr5Dhzq6YBT70/O3itTK37

# xJV77QpfMzmHQXh6OOmc4d0j/R0o08f56PGYX/sr2H7yRp11LB4nLCbbbxV7HhmL

# NriT1ObyF5lZynDwN7+YAN8gFk8n+2BnFqFmut1VwDophrCYoCvtlUG3OtUVmDG0

# YgkPCr2B2RP+v6TR81fZvAT6gt4y3wSJ8ADNXcL50CN/AAvkdgIm2fBldkKmKYcJ

# RyvmfxqkhQ/8mJb2VVQrH4D6wPIOK+XW+6kvRBVK5xMOHds3OBqhK/bt1nz8MIIG

# sDCCBJigAwIBAgIQCK1AsmDSnEyfXs2pvZOu2TANBgkqhkiG9w0BAQwFADBiMQsw

# CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu

# ZGlnaWNlcnQuY29tMSEwHwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3QgRzQw

# HhcNMjEwNDI5MDAwMDAwWhcNMzYwNDI4MjM1OTU5WjBpMQswCQYDVQQGEwJVUzEX

# MBUGA1UEChMORGlnaUNlcnQsIEluYy4xQTA/BgNVBAMTOERpZ2lDZXJ0IFRydXN0

# ZWQgRzQgQ29kZSBTaWduaW5nIFJTQTQwOTYgU0hBMzg0IDIwMjEgQ0ExMIICIjAN

# BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1bQvQtAorXi3XdU5WRuxiEL1M4zr

# PYGXcMW7xIUmMJ+kjmjYXPXrNCQH4UtP03hD9BfXHtr50tVnGlJPDqFX/IiZwZHM

# gQM+TXAkZLON4gh9NH1MgFcSa0OamfLFOx/y78tHWhOmTLMBICXzENOLsvsI8Irg

# nQnAZaf6mIBJNYc9URnokCF4RS6hnyzhGMIazMXuk0lwQjKP+8bqHPNlaJGiTUyC

# EUhSaN4QvRRXXegYE2XFf7JPhSxIpFaENdb5LpyqABXRN/4aBpTCfMjqGzLmysL0

# p6MDDnSlrzm2q2AS4+jWufcx4dyt5Big2MEjR0ezoQ9uo6ttmAaDG7dqZy3SvUQa

# khCBj7A7CdfHmzJawv9qYFSLScGT7eG0XOBv6yb5jNWy+TgQ5urOkfW+0/tvk2E0

# XLyTRSiDNipmKF+wc86LJiUGsoPUXPYVGUztYuBeM/Lo6OwKp7ADK5GyNnm+960I

# HnWmZcy740hQ83eRGv7bUKJGyGFYmPV8AhY8gyitOYbs1LcNU9D4R+Z1MI3sMJN2

# FKZbS110YU0/EpF23r9Yy3IQKUHw1cVtJnZoEUETWJrcJisB9IlNWdt4z4FKPkBH

# X8mBUHOFECMhWWCKZFTBzCEa6DgZfGYczXg4RTCZT/9jT0y7qg0IU0F8WD1Hs/q2

# 7IwyCQLMbDwMVhECAwEAAaOCAVkwggFVMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYD

# VR0OBBYEFGg34Ou2O/hfEYb7/mF7CIhl9E5CMB8GA1UdIwQYMBaAFOzX44LScV1k

# TN8uZz/nupiuHA9PMA4GA1UdDwEB/wQEAwIBhjATBgNVHSUEDDAKBggrBgEFBQcD

# AzB3BggrBgEFBQcBAQRrMGkwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2lj

# ZXJ0LmNvbTBBBggrBgEFBQcwAoY1aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29t

# L0RpZ2lDZXJ0VHJ1c3RlZFJvb3RHNC5jcnQwQwYDVR0fBDwwOjA4oDagNIYyaHR0

# cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0VHJ1c3RlZFJvb3RHNC5jcmww

# HAYDVR0gBBUwEzAHBgVngQwBAzAIBgZngQwBBAEwDQYJKoZIhvcNAQEMBQADggIB

# ADojRD2NCHbuj7w6mdNW4AIapfhINPMstuZ0ZveUcrEAyq9sMCcTEp6QRJ9L/Z6j

# fCbVN7w6XUhtldU/SfQnuxaBRVD9nL22heB2fjdxyyL3WqqQz/WTauPrINHVUHmI

# moqKwba9oUgYftzYgBoRGRjNYZmBVvbJ43bnxOQbX0P4PpT/djk9ntSZz0rdKOtf

# JqGVWEjVGv7XJz/9kNF2ht0csGBc8w2o7uCJob054ThO2m67Np375SFTWsPK6Wrx

# oj7bQ7gzyE84FJKZ9d3OVG3ZXQIUH0AzfAPilbLCIXVzUstG2MQ0HKKlS43Nb3Y3

# LIU/Gs4m6Ri+kAewQ3+ViCCCcPDMyu/9KTVcH4k4Vfc3iosJocsL6TEa/y4ZXDlx

# 4b6cpwoG1iZnt5LmTl/eeqxJzy6kdJKt2zyknIYf48FWGysj/4+16oh7cGvmoLr9

# Oj9FpsToFpFSi0HASIRLlk2rREDjjfAVKM7t8RhWByovEMQMCGQ8M4+uKIw8y4+I

# Cw2/O/TOHnuO77Xry7fwdxPm5yg/rBKupS8ibEH5glwVZsxsDsrFhsP2JjMMB0ug

# 0wcCampAMEhLNKhRILutG4UI4lkNbcoFUCvqShyepf2gpx8GdOfy1lKQ/a+FSCH5

# Vzu0nAPthkX0tGFuv2jiJmCG6sivqf6UHedjGzqGVnhOMIIGwjCCBKqgAwIBAgIQ

# BUSv85SdCDmmv9s/X+VhFjANBgkqhkiG9w0BAQsFADBjMQswCQYDVQQGEwJVUzEX

# MBUGA1UEChMORGlnaUNlcnQsIEluYy4xOzA5BgNVBAMTMkRpZ2lDZXJ0IFRydXN0

# ZWQgRzQgUlNBNDA5NiBTSEEyNTYgVGltZVN0YW1waW5nIENBMB4XDTIzMDcxNDAw

# MDAwMFoXDTM0MTAxMzIzNTk1OVowSDELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDkRp

# Z2lDZXJ0LCBJbmMuMSAwHgYDVQQDExdEaWdpQ2VydCBUaW1lc3RhbXAgMjAyMzCC

# AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKNTRYcdg45brD5UsyPgz5/X

# 5dLnXaEOCdwvSKOXejsqnGfcYhVYwamTEafNqrJq3RApih5iY2nTWJw1cb86l+uU

# UI8cIOrHmjsvlmbjaedp/lvD1isgHMGXlLSlUIHyz8sHpjBoyoNC2vx/CSSUpIIa

# 2mq62DvKXd4ZGIX7ReoNYWyd/nFexAaaPPDFLnkPG2ZS48jWPl/aQ9OE9dDH9kgt

# XkV1lnX+3RChG4PBuOZSlbVH13gpOWvgeFmX40QrStWVzu8IF+qCZE3/I+PKhu60

# pCFkcOvV5aDaY7Mu6QXuqvYk9R28mxyyt1/f8O52fTGZZUdVnUokL6wrl76f5P17

# cz4y7lI0+9S769SgLDSb495uZBkHNwGRDxy1Uc2qTGaDiGhiu7xBG3gZbeTZD+BY

# QfvYsSzhUa+0rRUGFOpiCBPTaR58ZE2dD9/O0V6MqqtQFcmzyrzXxDtoRKOlO0L9

# c33u3Qr/eTQQfqZcClhMAD6FaXXHg2TWdc2PEnZWpST618RrIbroHzSYLzrqawGw

# 9/sqhux7UjipmAmhcbJsca8+uG+W1eEQE/5hRwqM/vC2x9XH3mwk8L9CgsqgcT2c

# kpMEtGlwJw1Pt7U20clfCKRwo+wK8REuZODLIivK8SgTIUlRfgZm0zu++uuRONhR

# B8qUt+JQofM604qDy0B7AgMBAAGjggGLMIIBhzAOBgNVHQ8BAf8EBAMCB4AwDAYD

# VR0TAQH/BAIwADAWBgNVHSUBAf8EDDAKBggrBgEFBQcDCDAgBgNVHSAEGTAXMAgG

# BmeBDAEEAjALBglghkgBhv1sBwEwHwYDVR0jBBgwFoAUuhbZbU2FL3MpdpovdYxq

# II+eyG8wHQYDVR0OBBYEFKW27xPn783QZKHVVqllMaPe1eNJMFoGA1UdHwRTMFEw

# T6BNoEuGSWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFRydXN0ZWRH

# NFJTQTQwOTZTSEEyNTZUaW1lU3RhbXBpbmdDQS5jcmwwgZAGCCsGAQUFBwEBBIGD

# MIGAMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wWAYIKwYB

# BQUHMAKGTGh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFRydXN0

# ZWRHNFJTQTQwOTZTSEEyNTZUaW1lU3RhbXBpbmdDQS5jcnQwDQYJKoZIhvcNAQEL

# BQADggIBAIEa1t6gqbWYF7xwjU+KPGic2CX/yyzkzepdIpLsjCICqbjPgKjZ5+PF

# 7SaCinEvGN1Ott5s1+FgnCvt7T1IjrhrunxdvcJhN2hJd6PrkKoS1yeF844ektrC

# QDifXcigLiV4JZ0qBXqEKZi2V3mP2yZWK7Dzp703DNiYdk9WuVLCtp04qYHnbUFc

# jGnRuSvExnvPnPp44pMadqJpddNQ5EQSviANnqlE0PjlSXcIWiHFtM+YlRpUurm8

# wWkZus8W8oM3NG6wQSbd3lqXTzON1I13fXVFoaVYJmoDRd7ZULVQjK9WvUzF4UbF

# KNOt50MAcN7MmJ4ZiQPq1JE3701S88lgIcRWR+3aEUuMMsOI5ljitts++V+wQtaP

# 4xeR0arAVeOGv6wnLEHQmjNKqDbUuXKWfpd5OEhfysLcPTLfddY2Z1qJ+Panx+VP

# NTwAvb6cKmx5AdzaROY63jg7B145WPR8czFVoIARyxQMfq68/qTreWWqaNYiyjvr

# moI1VygWy2nyMpqy0tg6uLFGhmu6F/3Ed2wVbK6rr3M66ElGt9V/zLY4wNjsHPW2

# obhDLN9OTH0eaHDAdwrUAuBcYLso/zjlUlrWrBciI0707NMX+1Br/wd3H3GXREHJ

# uEbTbDJ8WC9nR2XlG3O2mflrLAZG70Ee8PBf4NvZrZCARK+AEEGKMIIHdDCCBVyg

# AwIBAgIQBPG5oE62GYY8FB/9PX286TANBgkqhkiG9w0BAQsFADBpMQswCQYDVQQG

# EwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xQTA/BgNVBAMTOERpZ2lDZXJ0

# IFRydXN0ZWQgRzQgQ29kZSBTaWduaW5nIFJTQTQwOTYgU0hBMzg0IDIwMjEgQ0Ex

# MB4XDTIzMTAwOTAwMDAwMFoXDTI2MTEyMDIzNTk1OVowfDELMAkGA1UEBhMCQ0gx

# EjAQBgNVBAgTCVNvbG90aHVybjEOMAwGA1UEBxMFT2x0ZW4xFjAUBgNVBAoTDWJh

# c2VWSVNJT04gQUcxGTAXBgNVBAsTEEludGVybmFsIFNjcmlwdHMxFjAUBgNVBAMT

# DWJhc2VWSVNJT04gQUcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC5

# 9opyk0SCGVo7wUn0nEzHJa2NgMzMro0Rz/YTL2Pd4Mqzky1INofqMJnBUijLSCFU

# zupCniYOrtXFPL4sX4S8o5RntwEUAz0EX57SvtbKmrTOWgQEH//tglyeqDDN1ygV

# va2/U15XCATmHNuOmn1ka2n5Y6vQ+INBPu4jtYczPsKPJ5nIF/TrCSe2fCd64rI3

# dcvNadslvAZHSS765ZnLGeL8io7oCJ/6vl90553aCKLMVWsM8lFny272h34OYAns

# HwCbkqLcSfGUTIcveg6iWKCeStmW35PIUMA4bIDZ/XBX7cyFgKeAYMiX6yNxAgED

# w5sBQsxTbuIWB21aY9zk1qeJsdGRR1eBedZzMwWalMGdvAlXkIkYwPAG1JTxOdt5

# 06akXqIiH6cpvEsQ5UX3RY+sbzqunqi7gGMfP52O5r0Y79bdHceYYKykyXnf6vzv

# jPH4HTVBEDvwkMp0Q1prpb1U4gIe1nyzUIhKuPDt28jjlybCikgGK9XB4Kjk5eav

# V4FwoVuwfbC0Z2g7mHXZpbvJcSbSypgxYdGw38NeAJtbkCrujW/sJI2lxJlb7AE1

# x/2y6t0wvPBPq9ujcbCptLGuN4tsc6Kef1xX17ZE4DgTs8xAuXI+999xef1BYC+R

# Nib+Axuld6lABNy6l8TNOdKYcwnARsCo/Reptx+1yQIDAQABo4ICAzCCAf8wHwYD

# VR0jBBgwFoAUaDfg67Y7+F8Rhvv+YXsIiGX0TkIwHQYDVR0OBBYEFGbzURuqIENg

# he4I9LYToJoHVFfKMD4GA1UdIAQ3MDUwMwYGZ4EMAQQBMCkwJwYIKwYBBQUHAgEW

# G2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAOBgNVHQ8BAf8EBAMCB4AwEwYD

# VR0lBAwwCgYIKwYBBQUHAwMwgbUGA1UdHwSBrTCBqjBToFGgT4ZNaHR0cDovL2Ny

# bDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0VHJ1c3RlZEc0Q29kZVNpZ25pbmdSU0E0

# MDk2U0hBMzg0MjAyMUNBMS5jcmwwU6BRoE+GTWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0

# LmNvbS9EaWdpQ2VydFRydXN0ZWRHNENvZGVTaWduaW5nUlNBNDA5NlNIQTM4NDIw

# MjFDQTEuY3JsMIGUBggrBgEFBQcBAQSBhzCBhDAkBggrBgEFBQcwAYYYaHR0cDov

# L29jc3AuZGlnaWNlcnQuY29tMFwGCCsGAQUFBzAChlBodHRwOi8vY2FjZXJ0cy5k

# aWdpY2VydC5jb20vRGlnaUNlcnRUcnVzdGVkRzRDb2RlU2lnbmluZ1JTQTQwOTZT

# SEEzODQyMDIxQ0ExLmNydDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4ICAQB4

# Nu0DwKMWZISOOreOAzu60c6E3nojAhXIvhG5ULE/JHBnWqD1FHMrot61HBD3r09N

# Jd8kU0/UlYYdGSSYpQf/KTkB1PPy9MUtZ5hBKt1jm1/bjocwXONqywZCdEx05Ssg

# 5/7J4YNHLuS0FkZYIjFFla1P+doiXWWCmUvHc75rmJFXp5MarbSezWZeckfKNDhi

# g9bvtiKAoWp4nRJz/szPE72yiqvfulEeuAKO5liyjoTFGiu/LxxcUg0sX7ZzKiJd

# eKKZZsoDqDFa175nJGAZuCZiBMIOoZIftsLIgnLugeFxJTmY5q5fhvUiABXAkN9+

# tmlCFwOADLfDhRKU7zCZnrXop2+PX8Ubr/taHX/d/LF018MbHyHYcDoLnCNuYw81

# rHBLgK5rswi2BVCAfHcWsotSQZlmg2iBIpfe9cCQXV7MM55zyQ54mAejXjx6wBWn

# L2YxZYFvABs6fHKIL24yzXfnFLESRqLYAWN81hsgqaYQLqXbV013HPdFEsnNuwEx

# xZn8gce8PYvvTaw0OjDg3Xe8Otl9PYb5NtGDMp+raIIDc5dIzDCh/PbhFPGQOh8E

# pvvJIqecToVnB7i7c0ehQ6R+uwzLGma6Cc6kWJF/aUrRDO671bixbT7g8Q+eiQya

# /KaWkOV07kAiq53Sq5B927vRyZPOkdU88zP3AINHcDGCBlMwggZPAgEBMH0waTEL

# MAkGA1UEBhMCVVMxFzAVBgNVBAoTDkRpZ2lDZXJ0LCBJbmMuMUEwPwYDVQQDEzhE

# aWdpQ2VydCBUcnVzdGVkIEc0IENvZGUgU2lnbmluZyBSU0E0MDk2IFNIQTM4NCAy

# MDIxIENBMQIQBPG5oE62GYY8FB/9PX286TANBglghkgBZQMEAgEFAKCBhDAYBgor

# BgEEAYI3AgEMMQowCKACgAChAoAAMBkGCSqGSIb3DQEJAzEMBgorBgEEAYI3AgEE

# MBwGCisGAQQBgjcCAQsxDjAMBgorBgEEAYI3AgEVMC8GCSqGSIb3DQEJBDEiBCC6

# kN+Eyw6X/DBc73h6xyp1iQ5ghDZcMNHyWA/mSqBPATANBgkqhkiG9w0BAQEFAASC

# AgBohJhZKiBgDEpL7vAQNERmOJYULyvIJPvChui7JFgurgy276h8QWlafAECPu3l

# Eg7zIFsI0TpvLUWN2nLTxvq1CLkE91m272CLC5KkrRVudIG9awvSvEWn/DAiXzMf

# K/IDcHal2CgreLOXAhWxAKBiNxNzxNewnnTWBP89v+QZ6KOp+6g9IanEyzOwlozp

# 4L7+5dCtYzyTn4nXwf8aBcMg5HW5/YzM78xl9AQvTfqmGm0DMjnugW+1RKaypx8N

# FpsoV1T6uGY/95ZNPApki/mvzQibVWvqR2K4lcEG2+jnkKjrJGUX4V/gJLs6tITP

# p7tNxfcgDS9Vu499+9nzeQfzkYs0iPEdhv5IB3rYJyVxqEs1xkOFkvZ0sqOUO1+6

# eHnnzA3DnvxX8a3/u362fTGt8jkalPXhdXWQf5XJ2UwgaOvuR0pE1WVhxJBdDAWf

# avzNjSewPvtmn5v0AjaoJ2qx3C6e8bWdPbxyAqcrs+0zxJEA9AbGgjeSDTta8t4a

# SJOmGQKGinbvdwVvhJI9p/Z1rfzcRihc97QD9OeVPba9i5yJu3Zjn9Cmk28jvo4l

# jOuDJ98tGJJDO+0WYcIgz/CAg6Sdvc/8votIzwFsE6yXkwNKpUYdSCyuLZD+g5kW

# EGaIqW2fIQ5P2dKk25J9fNRRg3tAFH6P4ARjV0kmmVJchqGCAyAwggMcBgkqhkiG

# 9w0BCQYxggMNMIIDCQIBATB3MGMxCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5EaWdp

# Q2VydCwgSW5jLjE7MDkGA1UEAxMyRGlnaUNlcnQgVHJ1c3RlZCBHNCBSU0E0MDk2

# IFNIQTI1NiBUaW1lU3RhbXBpbmcgQ0ECEAVEr/OUnQg5pr/bP1/lYRYwDQYJYIZI

# AWUDBAIBBQCgaTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJ

# BTEPFw0yNDAyMTgxNDUyNTVaMC8GCSqGSIb3DQEJBDEiBCCxDfq2+4YLYJ1icKPV

# gCkEyhMNJrZmr9Z808G0c5qkUTANBgkqhkiG9w0BAQEFAASCAgCJIdJ6vQ6hkxo2

# bUE3Ps5BBEsed3mnHH5ZbhO6RIqzpIcC7ubpUvagrWUEtLCnT+yrJ1jX4Vc29oLw

# GBBxn/j2nRoYJHTdZ7ahq+fszJUb7UIptWBFnewpQw3TIIcBMXDrRtM+ifMgb+rU

# JJwyCI+SEi+Oi4aFPKunRWDRfib2zFsDViZpF+avkW8YuPzHUgKeu0Dl4D8oS4oT

# NOKu09AKnyE6TLLjvVY5T6zVE9F9ctTVBW39dzoznJfh1r4ntKzKGbh3ZMfr7uHT

# LjFSj4v7l018Q7U4T8FUF5d7CtA0Mcdx41B/cqzr9a+GF5lJCdTQ09xM4MwaiWbl

# 1WQOt0gIm2DeRUCzQqiUDru4rZaPgJtvxuOv1dHi79PknWU/3jagZOGardUiZuge

# yWfnO/q6Lo6Ap3hvxagS1pYbLXrGuC8+bBIH033FlgqQfHo+enKhd8bUNB3xWx9w

# Vg+tG614zXxGH9pEnypFJTItFIgGREh1CUw6KEFEgIDEG2WWDRUUiGr3+Cy+GnMa

# 3RwngnvRzhEJPRrSpLan+bos72W4hNe0icXp93OMkc2NMNk3RHloaChchYXhHoir

# lp8MnyJMHmA2tGj8AW1rIxS9S2p2K6rg8rtpTe+2tf5wr8Hv0qZPqpIyHUU87vHb

# XBV9+8EDNLfbOe7nm11iDlRQFa7K+g==

# SIG # End signature block