From d0397de84d0aa2e253a66baae88bb144cb5fc274 Mon Sep 17 00:00:00 2001
From: Facundo Tuesca <facundo.tuesca@trailofbits.com>
Date: Tue, 14 Jan 2025 22:51:13 +0100
Subject: [PATCH 1/2] Add new test artifacts

Signed-off-by: Facundo Tuesca <facundo.tuesca@trailofbits.com>
---
 test/assets/pypi_attestations-0.0.19.tar.gz   | Bin 0 -> 29882 bytes
 ...stations-0.0.19.tar.gz.publish.attestation |   1 +
 test/test_cli.py                              |  37 ++++++++----------
 3 files changed, 18 insertions(+), 20 deletions(-)
 create mode 100644 test/assets/pypi_attestations-0.0.19.tar.gz
 create mode 100644 test/assets/pypi_attestations-0.0.19.tar.gz.publish.attestation

diff --git a/test/assets/pypi_attestations-0.0.19.tar.gz b/test/assets/pypi_attestations-0.0.19.tar.gz
new file mode 100644
index 0000000000000000000000000000000000000000..be9a1fb239b1948281546b6281320f8a6c2ed7d6
GIT binary patch
literal 29882
zcmb4}Q*$m1jDTy~=BaJFJ++Nf+qP}nwr$(CZCmetJNpZECKt(Nl9})!jDmu~I#e(N
z0oZ%kTj&`$JDWH;8#r6o**eiN(lgRCanU;)I09Y!d^l~5r`Y?R>IL+t;4n)Ir^R8*
zva;c5<{pfusw7^2C~2XCC(6QDA?X7tpd7vY-t6&w4vHyZjAh7<OYxGdpC7$kt=;+V
zrnbEtWdQD@?!!nvhU^|UPUUy}+S=Y;r}y5y&Ai;q&JbsZ2zv+3QcZn9h5!e9PfcHw
z8O8&mc-P&VTU%Za-d<nYcPG0~H<(^A0@nP1&%6t7oab*^RC~BaqS(dR*0!4)@3xlH
zC&1+h?DySl6(-NK&)G`VcE+B^ujSjv>{QMT-#dP9_vUZV)1g%^z!*a;3TmH`!27!f
z>R906=!f7Oa685Pv$r)5s1pXbMLqkiZSBVY!vFYf@p1EaaO$po_<ekP!2j&+czs-!
z6ac!q?0@xak3RN(GtU5f$-f-gCV4{@0`2ItTlz$WDzugWp+8jl@t|nMH{WH1GvCIy
z*S2;7bv_sDQ>9<p+HY@fx$;Bq4$QkS9_7we0SvkXd3{~>2=cl-;$;+dU1>W@Nw8-#
z7adQ(hwV4ngn2o6y}o|Iaa+rmE^mjA-Cs*y-op6T?z2`*Fopj2TUO&6?T%u#NxPp0
z=Q6>BT-epDs1tu&zRl0!4$a5yxQaL(Oe@TJBGSnp?AiOrY&Ota@gXcy!G5s$-M*Kx
z591BbpU-APu<R*#=KWCSM%!lH<ah%afSaQrn<By+54#VGSsR3Sb0`Mh*_{r(`c)xI
z!5APmwjazkY_h=s`47eds&>Y0zNh{9N5f&5MNDjo_VwgMqrT^O%4;Q((<C}XGrF9=
z{+^0WK#YRg8?tcl$6%ldkMltDv=KwCM-;+7&=!j}I`I5CV*O$Lc1e<W6S>ABXZ+)~
z9fSn)PP@a<Ge+FfrA+$K0hPP<E#kG;BPAupaxCT#RS!K9oAo}>*C=u%;qP~?Nh7oU
zVX|YcjhMd?MDd)c0*_-L9EfAGW<lCq4XsXoH0B@mU#zwAK3nk}h)7xaX{JCd1vip*
zK~%4-Fn@t&DkLD*U7ki>^R!rX;Pwsrt71*D6&TVPu7RzUNt9Mdoi{L%feeuP)lNOz
zPAyu$?H;CGGVkesQ`+gg)(-rjlDhOchk8-QMiDmx-2FEosN}#-`Jfk*k#g^&5rJ)_
zp;zejn}P9!ICYaqN@Y=*P$WU>mg-0Y-^K9^Q4m2jaP%}RgM!SFW}(pRp>il^vl-LD
zIJvKlaN-)hMC+0vf@QHmo>w-CVvRYr^J``Slvr~ppZKk0Xc!-yHvo=&VUJ5+)-$tu
z{HFNXG0F&v`=kBUIQ`X2e;_qcs@7+8;e{jxUwp3Kq5Xo}%@6QNewe9XBNq63!4X!j
zj%g-+kZNFpGYo5G28|1R<vX;mgC-v2p?<f<k7eE0I)}#wQMB6w;+gbwB*RQD5TWAK
z0z{x7IeIIQz_6pe525on5tm=O&gH+Bkx-oXWYiy-^puwn`u?Mt-Au*#4ubmNuMl?_
zf$^C&*M-oqNQl42Fr-6Kf}6lIA7a)XoH;O9AHWF8SbJ@7Xu45<+CeFIp&@}2JH_Do
znJNv4)ET@CvC1Rfe$Y4=3X3?0nUKDKz0%bV6q^6JW8B&W4b+Ii={GUAgYFxXAJXU7
zh|)sLk2@Vg`P*lg+s%h;n|`rQ%-*M>Qt878?S%~-#v_1tV?+l*{iV9|$RMEMW}CzZ
zv?_z;1rr!HZS!2}?&3tGzX$N=8D3HZQ$b;Bjf(yu$sXbg=SSK9^rs7_NDx4#Yq<bM
zDl|SuJWn*&b}NRkv`~V=M~<7WB_yUwbMrol#hml!Z(Mc9@qg^E=u(*j<(ayHKDbwK
zB&jS*HxRKKxN}Le(+(pMsU#elFCf{vs77oSK|vgGLvmf1w(xwUoEH=wleP}oH0iv>
z*u`Kk3RKAm75Bb_1v-TiRGjOscHQEs)lH)LI{ea2GI5s-wg*bW3U|PDE4T{_7Jq~8
z#YBE$iu&`6&kN2z9|DXvNF_aEK>S{I6QZ6_`tKF%UVw!nKU^rBA*^3X*lsnYM6<v-
z*VHg^^AFzbc1Ayqv7lSA^}tpf2cZ*9=2~OGZtJ)N0xYdL>9+qE{<Ko(iN!GVg7n1S
zUn#UX9oa)6VB$WtkhuC}XB;@w2ilM!o`<A3iBFUve5zFG;sH*QO~mqWFH!%RVbMQo
zx6u7tZr4qh9VetZ`*kmkE6_TVkLy69pPW>1m)nEJpCI?p8h?e7@yKoBj1UZ{fB8Yb
zp&izR;O<YaaIkf+-kFFuU$XNOY6cDBo*&W8PIRW<9aGx1sHQc>rb{P5Y$eA);)DKx
zoyzFoJ%IP)4N?aTWktdf70n|`=y7%<#;=7RmW%M@4Msj#LAK`_M+YkNz71LLVv~XN
zg7>fQjDY?*F4@wV^yAD=Y~6?FG*TWuLMdT6_U67C>H-oIT(&p|Exe*&H0!lg_9VfE
z)wXTg@Rp5=(4>#iaL7TmIe_16Vn3f2FZ^Pt=aF@nm0{u4FQ-zXMUi1N2`E32@u*q7
z1@1z~+4*z}Z0BVoPAocFfcoHV2NQ)lP6L2PqEKMlMVEpmDyHfXCt$ZQg8|<q;H>1y
ziJ);DL9yrLM>k8$*&uxa_h)TsMS)T(QLsC+?L_ZCmsaF~Idh9cD-e<`gbVKYybjov
z(jf&MNsQwnj}zMe$*d|{i)1JVZwRKb(@y7S@%WgSAii~=S^js%wS#=yml~p!uM)oG
zsobbPt$aVm|0^RZ2XiayWMHw&9kJ9b0yJa-cZmHc|Bdgu>n04~&jH7#XG1gU1p_j)
zd<><aR2UHhi@gQQb*C1yS(@v&p4Fj~z8MSVR6P&XY~UrQPL+f%dMu_C8p>w!IH9VI
zw1ea=Z1;ju|5jnL7I80+mlwhG6yb6hFW&Ds%ZAlvIbN7Y^|PhaPJjW%heNYVDiVin
z=iNjx#x<zNM&cSIJvQI(Yv@gQGGx&^U`wvH5hVr*7pjRs>Ygg%1j`7&a}(=&#nq~{
ze2_Bpw=l|Pkc&HkUta}E4Hum<^=WYq&s!As=_HIy9DZ|-sbu<EO|Nces%D*3r0i=_
zq7Xs@c_0o)lGpH*sX36uu2sPK5?%0-=||d@_dO0^b0lHr)VCSo&?e!Pgk&r_Jgg3Q
z@rNMZbRV3)Sx;Tx`P;~eHqOyPXBw!$$}%Qf8>5PZ{zR3y%zHMvto$OBggZJsKS&oe
zC2Ic|A<gXMK!woTKF>QJO7}<06Hu}rrhSu}t?L>W`;XHb5qkhPE(Z@()7A>_%USbJ
z{$X)4k@S~|ONppF;p;qMVzfoPoJt^iL}Hw$ZWXTNayaw7usQUN>b|9mGW>y5J4&Mv
zVZpsJTA4LnkM~HnntrtYybqhK-poS(rXXdQ>ct?Jw;k#eUgE|Xcb&guU_t?lyGiT}
zyvD77+@=ZTSL9k#vyKvbx&LChy;67p5Oh2TEVoQ3zRt1Eoow(Y7gBmc0}?+}L0TJa
z2=Nbf(8i{nA%RBnsuX`barAv8o|G^5qc!qK=9%-;=jMHw$TyFW$JnSu6(*Ytbb+dz
za8^Oy;NNvC5)YUa+@XT-(547OZ6~ZEDA*}KOP(m!7@+E8ETGWIA<<3h_>6Q!2~)9e
zqyFU$I%*-~Vi-ehNzFMpL7@i|8*o>WH3NBURYzdQ8ZP>_z#xvw9+)I#H=~WnL&Xv6
z&C~U0361QvaFSM6IYP2a#IV+84^t2_E7e<!RUMAY#E6u?ypt6s&BaRbV2-$tfx-9|
z(E6Gy_5l@V-EsREvKC9jpm3~E3g0CJbf6KdcGFQh#U;~?%Ni|}G(#6h;bLM4O`bm5
zU*A{@GL4$7vakm2u%`dQCO^mT@`kZ{i)%QX`<{(3Chyl{CA){Lf=g3p_qioT6zYkg
z;sRR89EncpHH2UkmPr<{jJbusJ9vrzBt$?m)l2Xq>%zy2M*jrgNQrHTY=Y>5P^rL4
zL>ey~7KJe>&PHq6PLTxrr$Mlp>Lp_j<>l|nII)($piJOjKA)(kCk-3eR>!N&wA(bx
zDaptV@0kTO6C8x(4(9Hs$Z5l1`tb@qvCcx|!+DPZVNkXS!{V1$&|R3VSSWpw+XY3^
z_!GZOI_W}EMaY>q<8$?a0HEzNu0-<7HuIW*q!T$JHA3O$=@ah_oAqs)3?8q`Oe<xx
zX{g~NNh)`6R?<3VYzlN?C3?Nw51biv&dP?OZbLwB>vpE}<o5Kq`v`LL2y=B@;~27+
zoVIBFK1aEDKeC?IZYQkt-9TD_1oB;3*=V4{YvJhFD!7D-DPGWXGK1o!^GO0Isgg8+
zPEFn(Zya#*eHSlsySeUizrDY2-;Wz_x_S5oKEX{r-j&~M-X86Oh3z`iD8?|a`Rysc
zIC*%(;JpB^_uE`ve!i}r4%2OP+OQ(cwEf>@jOK!Bkd4#zD(T{w>m7e`$$=Zsn)i|Q
zG1-Z~S<u!N(;8cuWCJJ$PpBR7i$yn<+>y+gG9o&gn-bYq*_%^CG)H^v_}*&;BN=+&
zzkQJsAG)JB>OimMlNWf~5#7-e8&OZ85?f0w6;o*i^QYCYMGf&F`hDO<t7>X?ZnCM>
zt$b4ty^^rOmoLJE^02rwx3ON3H*E_-r{_V5$*$aAKJ+g$y7(2Sidt#m%=Igf^J`ux
zemU!g#@bS({T&b_%0O(cQeUtU&=^~-r34{DT{_L<lX9qGVz@cdIV!7ATQiR6YVRzY
zaWKLE1)j<*rDF>~lXPTY{A*!@m<eHbV58A-#bOzZJ#u#^3~s%>C)JsJaK0=`Me+#5
zmh(P_JfJ<;8b=gw8fWBihE{VA%tr@GSPO+jq*W5c8x}F1kBa2n2vaNl8tU?oE+)O`
z1*Q-L5#r()zx@F7KH~}l?M6j{iF`a94?8VvMHs1T8}B@evs%z-pWiNRpC7QnYr;ro
z&EYcQxzGu)!-X!S5WF-G^<_os4yURTB74a~-Hnh8t|j|RJgN`BvYpdTC`E_%K&LI?
z8vkUX3|kF37nNKW$ZB>A41ARKPC!PCLB`e(m8&*p>T|q+5|YX$`n0`BD=ek+fdySb
zT*Rt(=p2ncqTpOa)i^JB8LVgu^H(PCq5sK)Vm+GGI@A#C5T*|}`=MUg<(2}qP&Be*
zRe^QPBlXXy7CGCPV3H8ExIs!v`Ay?)yFl7>sOCH#vA%v~#)lUyE?ukQTnO^}`!U;Y
zm8z}1)&0^7`-4E%d!Fp~+$f;y9N_c1mX}b#|1<N`mnX32`%;Jmcyh$`-F^4-3z_3d
z_z)3z;#u_Y+S_<>#i1ZFyyFSS#mD8q=|m=#JThb#qVnA13f8X5%NLZ@4L_F&kL<oC
z&}@y;hok*tA0-eF9>9*(ojw;k$6c3e#}iiSchQp0jxZrz9%QR`z+Z_Sh;+A*r=ayC
z%_|mx`7$M7`Yz3TIpl=6K1GO=n6=@S+SMYk+w(KEv#svprhaoBn|u7LyJE0_-&;B3
zxpUM4;YMfs7<Kk#+~%?6`@;G5u^CY_lA}v=vUaLg$8Y6Ow^sEpDyxU-wq{_5AF{)x
zedh`x@7h-{j9K1gj3ae>tm9;D#w^D6)5GX0Y3HS7#5ZHhcV{v8dbAFD6leQ`4s|za
z=hLRLYrCfpf%nS(O+AmT;|I6%#rVzd#lsp)5Wjg910$dR3Kntxk3o(B$Ys;6eL%LX
zkE{V`rd&0PcmFB68Wd^yP$oqf`udZGynDc{1Dyc`&ifS{M}0TiDu!#l|Hs$iJ?M+3
z9+t4J(<*ALzWF8h5Xv=;x$FV-Wm79-NaNDh(jYqPRcC5_NXeh02?MxKtQwl^0q*On
zP&Sns#~cHMQ;oWj0$s1TnxTf?=^1Z__n=oi9d)eWPj3fK(Us9!I^ILTU~MgnwXn}B
z27kg+ppFPu$R{sf_J1~-n!#6eEot}Qc)dJ)(|nm9-vLJJ*(vuRef4iHo^JvF74%Sj
zx3D_wSUHK<70lfD!URQ_g?Xq0{sB(tmkw5|;*c3HTl7)XAlKz-WAA<JSg6PHjJb^g
zp%pwpLmg{eYe*<HEMytjgU^7ZPpEx7bLj6X9)II0V`58KQZ-w(@y`L76+DZkU;BjC
zklZS+Z{sUtGFw<tH5aXkhr1NKfwp#gWbfe`YO7&I?izBhq1)RqBZl@?cdC7Acc-0&
zhV;tcTDIwt^Ql#|TSG}>D`>9@j1EG=-@^a$64cP<h=0JymEbT^pHBU)VU-?DUSkED
z*5KaV5;BA3`Ez`qK^<O8k^Psjr7UzMSp{8>K(}aQyd`+U{MFg#fE{D);kX|6MN|7d
zW_Q6Q<ly|ul<$C3wY|Ib9xrN0M<hLVm9>^iM|`P<E##(r?sL$MR@0WxfHzcKQ<_s=
zZs_^Bo<Mr-=lMRj+iY`b(7U<pI4$@~C8z!+1dts4BM%Ka$#qsuj5nT`u!@3_%+bWp
z$2;E0TuUZ1-WidLM{i8qDvyBMI6j^^7*-wP>w%@XGN6H`R=kx*#&ns^b2qnl3ko9x
zwgmlbB=^?VIxm#1lU}xMTXoHpdv)NV%U9Idu+u)~AKui9IegOF`k3RgP(Z}iGtLq4
zyN<8sERqWqlJQUCZD7oGl@rE5SrItrnrEKW{xJ#qc2-*eXAVeXmY+8dv<>}0&#UA0
zlG&e7j-m711j3tCAJRKb_X2YgQK_RW?@2Y=wSCU#EG&rcu4~llaHx#4WES~pDQD_K
z<vK~p7&au37?10OaL)r&1!43I4N$7QU)AJe7C&8vU2E*g!|)5S^m$(NQSm&qEnk!a
z;9GyyP4&Yek>`3p&|llycx{d9D`V!}XYkscVy`_5X;WV-1tpq1{Iy;lfX!x4;JlfA
z0KHz~rv{Q98fv-=P!8J52?8Apsk6P{+g^C=eyI4N_I0bua)Ef*c`SvtuU)XW;5moY
zsAy;hv7qUu=U|xShbvsXPTDXJ-fFPwi-ngil09AeK!oJkeO*jFrrGS6AwPiKe^s-N
z-6oyp{@1`o?_r_*I2yDBaecbjTEgNL;-{OoM{|(auDy$?uZ*i_m&P5kChc@F7ih0x
zx$LfnY`OG4MaYwb02N;6$KMMC;sWiM2rBPuuJiM7S?;yt&ARi%)oloy(W{8HSEl`L
zbU8zDpteUC8<MsgqkVPL9@4~@mFJSeQ+SaZhBuSQrTpbM7V<&cXXDN)RwyyWE-ecg
zkv?j`o2yL0`i-$&{Di<i=7KEtk3C9<!jydF&X%g~O3i@h;k9JO`k16F*<rwOQy1m0
zi;JuGX}4#u&rUg1@gq(QVRn^(>t0Syu3n&wFT9>4Xh|rXL|!ZoNWq;6S{>8=WMfx+
zn1EDlNa;NOJ((v=?i0NnOR^4%^Gu9czX<UYh6OaD936A$unj~8+SK63+q@#R#@@(!
zBFnK3Y9Cu>fW)}dPzawF1PXIChcV>W-=ovh(z~)Y_+8jC7KhS-WF1z8R9ZqtbNQZb
z`G-t$@MbXSA_rm$5hDVOvm+hiG(XuS_s}gADs_={h8i$C*4-v3NPsY=btc3vg4<dG
z(N(<~PKzJM>hBJvxZiWJ;tmb_pnRh~n1VGcC?fp>ni#qxNjo};ag|F{h6YwVx#(^~
z%8wOAis2c-K$6e~QP$-0oGmc_;usWPn=S5Rnjut$rBTfK-<+HVj0LYtxwk`oPK7%p
z^)xgbA~+RLXxl?af<|GH4xNo>&>ILCI(y?F;A@(JOCk<TM6Yw=_00BC@_!9{r%qsy
zL$0MyJ#uK`g`m7`Zhp9(H5e#1*-|6DNPZdpjNKS>STvb65EhvJRCgv1;+#v6*O*!E
zA7}Flw_bMfe1cWql~4Z`EgCaX+eH_r-Jlow8j~T@CS;n&31hSxuEJWp7}HzqmerH8
zS|_GKX!6MI6SG!%cK;AW)^lXbmi7ST9F)NF5OF@Pf2|y94O%XVI|o$Mc2VX$H*DB0
zF^83Vo`!(%L)|+^0{B>u-#*9J50q~I5D3Y`lsxkEpMwiL5$dW7>)H(j&=g7g;uT@C
z?N-=o+x`Sp)ndfo%-_KV=W`N-1!|q7l00;Is0&)Rup}1qIqi<V<scou%om(&J_y8&
zk|q4%`6E%uzafq|JUJ*EgyutOQzyilV{(i))@;2#zEGY`ELYmE6%b!7BMx(xqgJ-{
zV0|(%O_%=^RM?LGFdD<p=K0@(WYPWzr}g8GRkH1z)GKXfGdw2KGk=uIh&2~yfmCo9
zZjab7`&UY`_9<P4!9jjTc&_FVJH=-iZ^iSR=o)6fTA-Z0*6<F7xdc=VI(H0T3zQ08
z*6W>CtzNNzzwSLq%N-on|5Cb}C!kE+MiEb~QDLy7VLh5;cb8M#u8SK3f^LH`0J^Ii
zgaVW=Jd6s@KpK4z8D*F*LCuy@!Rwe5HVVfU-{;R>ns;HdC8KISsQFV(J+1Muf)7x)
zHm@{gFG<wQ7s*>7Ym$y4+JeMrEeMC}`0Wu@hEc|vIOTpnmO%J-F)!s_@ho~*Ce3DS
z^c>rgKZ=_g_ifH>4OCeS_U&KIRmWQHwzc~?{NJa8O)hSqH-s0pT*#lJpYTq}Wf)@!
za-6!SLiGBt%>z<wR3mZz_)2MX&p7{d7;JHv?d0cNbu+HTN!CNKVk_nmSkw$-lgjLf
zS$uyz%goA;rLrmvW!tUrvQ4`tr>#_fqqNbj_uRK&0@?XB&*{ftcc^)xYNs#;{cdFH
z(i~$9CIQ<Dgs?&ZTpps6e5@Bfs(hwX@F9IBVU(wl;*)jaRj<NVCC+U=E<VJO@i30J
z92@7cTkrUyq@1iW9+Mty{Wwp88FHV5bj`i<ELo>5n6r29|85Tiq)M*h&H0Q3@nv9*
z;{-X>R5Rar#(mSDvj_d6y<*k8sRuF-P@WGIKF-!Ia$R+C_qn)@z)&BSAat2ZNG$PR
zR}@6|FwX}up-`SdWCHbbnT0uJ=_`XmAL}fGlPqUuK4<|!X1_fFz(AfpQF3s^#Je5Z
zC%p82qdb%KU?@4ol#1kUaASIibMl=O0;rTTu$zhjhS97Y583oIANVBo)_=qyD}?@z
z7A1fM$fnYqG(V0oIQT6r@=B&y&(6`l1r<cRRH<qNLH-K?D1|dP@($lBz@YFGa^%Ds
zp4n3R!&w|eOB!P)jOqdzNa!&p(b0|evH&CC-J!1_&VL5i;9vg;-*U~TC>1k`oAM$=
z^%qApr4izeGpfkG_Tc1`Ib1sLLtn`J!p@cJQr3{(QwYo&MQ+@aGN53y4a&97=O>hC
zPnh4|RN3hP<uxDOq`v>zO`iJR#>Xxy&rZFEG<so?KIMr(jzXU!>4Z(>RPrEt{wRF^
z1JU+8y<F8^p)(3kRJ8i<8n-Aky_8@m+J)C}b0d^odp`5{_h$@;et#rV`$4)>^Tcwu
zj@eMq?05COb;yQ$xy>6rKtZh|U3Z^rP~>vg5p}b8Zgbgh@BhU6_vI0gLrB=`>vk<0
z+UN4ym$S2@zBTfB*EMgQ1h}K|W-lF!xo|M@+)gLp_<yQDc1D1$bpU&wAL<w3cRvOM
zBI%>A$k*QM6z0|(>}#KToh$omU)^IzVwd+$Kd;biz)>o_UmH{QP+Y$V9;bS3a?<wI
z=sXzyk(U)6@F}~(&>-q!s(D+1BPTv*9_I%BH*Hb+zcVM1Rf&ENU&m!n$CIJ$*5j&!
zuuoyb`85}#eA1Q*kwnfNbm8uQvo!ns{GGVFqUDA)$jI=F&~XH7u@h>b=Ni^O{)YAc
zjXL(NJ!z-J;(9y+c$|2CHNJ|GJl`RKwOg}#`*CR_d$3GvtW%;REm8=C{gMgi^p24Z
zc%J>)bEWU<my*{Vwv@=YZiuKiRMt}qgmr64H=cakOQC}bacqdb>kUF+KvCFCOtZN4
ziR~Vrat<5y2elFNrFMA1F@C2<)dwcg$18$<p&jM1T!}br#@YUm8|yp)0|P`gvRqFN
zI6QAeY>>zl(UP2GP*7##%~QP+O^_hdR+-&<XT=pl(creiNf|jM-y3KtG1=_{B@Y(L
zZY!($<LtIuu^Thq)~>%5Faxs!BVtt)YJx4^&(VdG$aAQ~$^lKqVDn?%M!=iK1}nZ$
zRbvRiMUaH}(~3efjM^;<lp5FpbPGRnw`!`!Y`!J;msZ>Kk-4G&8tn~JgZ)9MS-?q_
zFUh^y5~jor`noOu!n6%&QeL|eW`qsej8~WH&4=*Y6fqLLeA1$M2=7)|*WT|2N#Auo
zz#Z3}XGM!1Pp~SZ^R-9R)&+Q)0HMzpV4>5;U`dzn&z4N&S5s_U!Vdz8a%{I|Lhx13
zE?pTES+Ow<UtK}`RwaMEw{FG5R5Y7vF4;pkGp2+OKgWIs=4J@Kz}+}R$b6*twT6AN
zsdj<;4sPed4<7B(3TG3%?!T%0FvBVN!Y5S}jgq6T^r`pYMU%27Dn!<sZyR+b{IW%Q
zC70PC8S{yqE!&lsUmsk^c(${B<~-lkUloeCs{YVQ2MVnQJ>4ol5`JLWW|Tu30bOK~
zDc(}~13}^X!*NT^1RvY2cZa!heLc`hF|r|KKt9ebXssPRT3M{f!-4%IZM*!j7xfaO
zKwC(E^)d76N-)qZt~RpSaqcy%#qypZJ)D=Qkb%DeFcog&ewRf7z9RwM0z-a?@^beA
zbq{$(OK!`@hfn|~k7wB5v%?!)%s5ci?TuaHNLjzzL}H_G6PI!<Y*vq+uAZ@#TtTIh
zJZuUeQe^64=b$`Sm8^f0mVY3;8QkYVr}wqpqx*(v{fS3;o0#jkgpurlU5^M*Rhmd5
zYk`^38aCmf*k6NwNx1%dsu~^+fqQp_*jZnUYR{>(&1*v*tV)`y;KaFw<c~?G%?GBS
z_UqSt@8$48^Q3ox5z1uiyOMxuWxZ>0D)WYQaQiRjr%Q5(^=@Mc1KlF;T8~IrBt5Vk
zO8VPqb}DF1W29cEM_x?boZ+)ft~Pybc~JP%AkweN?Gb{grpu0{^Dli-4mXpUtp#il
zmrtEbx}Of<?+CRvkv?FZV`y5n{eGX-2#^x9z~LHZ485776$Qe|o3fS~QXLnL&d_6R
z4ihOjQd+Qj3F;(pnb)k^?O7{-nU%lximdQ;ywSRYw?1@ui#a?ve=YHp`LWfo!MADv
zJ8?kCkn<sdn-y=96>Kc9zl{3<nRLRUEUSvBr+y|k8dg}9Oqg(1Q`dz{GTT{k+Ihgs
z`Ow3;7tqX1Bc)Mju8z1Z4E|m9366%gbD%&^5**Mf1ScQ6Vq_V2wk!g875>`U)l~zw
zHqHUPk-vAUih#G8H^;k=*QlNtl>0p`fH+7u2Ud)q6~OPE*U#eF&x_|A0B|e<d`W!@
zFhLlA*}hrnw~g_kG#qFZF^Kd&x8mX|)i(fsO5Xrak3W4~9e}>cAArrsPv4j0*T}6~
zmNLN32N0CpJo>+YMAYY(pI4VXpwIo`aD^}%GwaJw1i<kOxLN}A*yIEDY|jCGJU<Lp
z6TJxk(GDA4y<G(W0Q<Aw5#VjE2!IRdga6UX`F-;=r=y^mIGP23{Orx%PN{nU`gVHG
z7&t!vE9(yb)JM@Uyrpf&o6iUCVnR<6L)6?yk<>@`y^cHbK@75tjhcq;q7c_X>!07T
z@bRSN8^WOlco&6+)TDVbbMx@TkJHHX4%4exV%Zf|()JIu``(eF1j3=D=_l?!@)%GB
zq{{eB3)A~z#>UQ}hWfngAL%t%nh5)zSl&ZNMzx@%1>m4#7n3b&)HErj=PTa>Ml0Q8
zk(A?L8I|K~$}7xZY%jfl9aoKTT`wB~a($JomB58ww4p;)1t=*KU0g-lIllKo0bBQe
zS#xWrfabL6&3A$KFOLYomRH9CpqB)oZU~^&(>nzYN?5uouwr_o?+2rnvF8f->w<%h
z_^%GlD*Of)zE*`$|2A{xVrv`lUyz*ucKiUhTR+zlpYM;lKEOev-*2Hk;I4OjYiApv
zcO>%WTE~%Tu#48ddGgQ3<9uj^A&<-`eowie*NB?trA=nNsJD^uC-6GvQJNl+l%tIl
ze}xB;p|wvrV$;|-V6ti4qa%4&U(r=OBO%Cz_4A61f>OuqRy^h50U4WG+Or;}CDF*@
z0LSGzwI*_^q(}5O#%-kQduzkt?mX?NsLxg2x3#@Z2+t4=-sSiWexK3FQUI;AAUZL=
zFK_q^jeOZ$;?Mo3FAiKRB~1Cm0R`l3UM4f43apX+LX$mfz?iz<rytg)+f`92jU?iK
zu48JFd`~cZcW-psvU$Fver#8<8zuCVn8}W0T&iLDePW2PW>q@89nV-)EttcBGd2c~
z&C{8tE1TcoPkQT^J(GflqN!zA$64%F;&S{P)Q4%-A?&^zP;13JP7$yxQuSqW`=x9t
z2EcvGnv69PI36a0rZKZ>&6&7X1=&1>m+t5KdFa+evT8YsHkFRV&pQn)YeC)y!U=Yi
zoGUznzA-_sRP$qP`U`W_>t#W3qg09)>_C>Fcboc`_5q>om5-uV)$L3omek0^M6T>k
zJ~BK`43y(RUwJpm{hoch7B}_E;D!sitUm8U{-$O^Pv+kclNrtc6Ur4{Ok}Qz8vo|x
z;k7gK<!Fnxbn?1{Xb#4{s(228dM&c9SpYlT(-P{xdjuB;j8;rILiVj$d+pq}c$F<G
zs9s}~wGFT5MJ|a$_CjG~_-c~HHj?ID5-W4CO;+i&P}z0b#nqf)t-1KGS#1RxGs_`v
z1Io8Kr1F8ZNBvvPMj&q&ct-0|Mk{4`+b<7lvQ>ZnR&HyH&G*}^>$+mVwE`#5I6seD
zd@J8uv`qN;L?<qPFHn;0(Zs0b6+9+LsHSWDxEgM5BAl4$PQ~_y-kM8SNXr$Baea9o
z5AQH!9Ix%EVaw0@t4^;lB1LX&jb%p<n^4gwY*4ScWVAR@*5)h?^qcTNlSFd~DU45N
zCniL+6Q7V1`TTh;bm#k&d`jbG67VN=Vv=WJ;_`)RJdHj5ai-P-QBV5aS<|^iA3W)#
zvx0ga24!6Mk`st!!plQVU$P`AP$w}#${5BuBT&-)Mm8IED@T-ihh|P0^Dk0@D$*2v
z7m4`0v|R~08U|cyR!kl+8JOW=xgBb3X^u6UhGc(w<*avS$jB_<B{aElsy$1H_((H-
zq8#FO>G!Aq2qSJ=zVmF((wE<C*Hyd24Ghme#q&W#=8GkbXvo%m$$#k%eQ}v|@D`W;
z8EjmP`vtOFfa^leE_uQY=K=$Pt-%dk&>I(#3!VbqFr29j^o(aTU2k1o2FyQ06Vg!?
z|BP`lLtA!H?FpAm|K?f=W_A0O&j~@g&Y%Q3b*LN~rh(hUPp<i;-C(YJ)3|*ILd$NV
zhKbWEXB#g+^OVe^H;+rOd$3pF-5hhF|C_^7%x*c7v*^1wxmXq&#KQ!5cA(mRiPt9r
zSWN|ky8cvMy-+aMgc`XX3DuDzrF~pRiB$$ar}FwSG2L=8k<94|j!K8CTtqat$sH@)
zLTJgq=L$1iA;b3s*!^h8y4)DzuFSUY&U>=&bE9Q_bQ1<%ny9xtH)z{gY(a_Kf=Hag
zsTchAz)yo&bQi)~fr`{dRGlfIhG>GKr?drQoPH+icX~;S9!2pZG89*RYFsh4GP>Kg
zN(O(Xp3Z6MWVFrJ3Ode2j2<Jkt-N@_6vLykoSqeB)gXZSsJTTU1o)G_4O!KR0M;tz
zd=^GDv!N|tap+}v>DE@%tGLm1oRzOb3C@4mutig#5=CNUI!dZ}M46)ufu}aR<aE?A
z1wyUA3%tku4VwIBps1}nT9VIn{Z}{mpC3r^(;er>Se^p)DvLGd=vuMzV{%-6Zsggl
z1s=9x-zPN5CBI3?sJWp^u7Xe*QBLSDp6O`j(3bG7-?VUGS`sY{^E3;Go*=6lw-wp5
zm+=SWjDlhV#-_AY-zDN=j;~5L4E1a>Us-90BVGTBp*YvFYJ1?<{B+EIZM}SUaCbXH
z@}!Ae9Mx54)}4BvTnZuQ4XpH!)IJM%!Twl;*=}7HXSRaIqi?|L3hPh*C6oC-O3fg7
zr+#c0G~!S`Ymt><{XPff9>&)&i(3hp3zUnCR)Rj+5NT?&L*4Syua~5sIyfIzgW8e~
z9iJtUjq9wd&62?>OctpG3q*g3yhkI^568aR@0Fg~Ui;_iUz)E!S-L(!D4a4Q76?HN
zf>h(*!}7fyy`SVgFK&9>!KQR=z7zl&9#9PQ8tiPKO3xeRl~YG1IL9Bli^#5q65>Kg
zQ8UR$U8p!%F>cs!6GjoXccWh@{;3T+ypv8#E3cQjo`~-j1+mh`7{1|z{!7(nnIC8U
zTp>4e4$|S<fc?cGJH9HRCP%P2OU1C@)p2&5Qhp`*D<4G4qHxLtOdKoEPb)h#X*%zu
zQ%Z+V#$YbdWM0&}f>oG5HpX(Im#j<|e@aS*Pz}^&1q(ewpl*OKvLEh}DUf4fWwP=>
zYBh{2Fy1<q7C(&ZRA8w8+rPg@W}gVmzARfYNSJnzrq8zi0q>l^mYv1TYcWkhfFC#d
zROGZhxRY_B>jg@afjyMqKr>f4ApRQw*-sbXxvcx479^GlIuObFH-^+m0#ZR;A>J~n
zn5saT?ZJT)32D4xpI>E{56zbl_OH^TU3cU1dIr*mj}8;DtQet^uH!H3UmqGtRa%u7
zqkZ|wZzP?R*41-B>b0@+g_c7E^@fj9c!MeY5kal`*|Ps+gKFjm0(Fg$4+?HV<UK-w
zf3}q7?Q^xRbtv|jw8`u!a=m=Iwe6}rlelfNf#ayu4mL6(GQ2VxWR@-4{C{0Fw}al_
z^OGrE4tAx{oPYL*E^=)W43SP^TkXEeG%$RBEWOyx)E3Bh<f$y(bUpPY*%T^(>}$q~
zWIIU%*bNSi^K-YrP>>2^Ib)2)g~0kC7C9BokBe3=g;^Itx;S9+4P4RUzBAF*zj)a>
zBmPCywzm`HNZsHvN`&F;M%wBh?Ir5Bnr5&D=hayFTa>E^dIH$sgrm2%W;22{pQ^{8
zm>E`Jmru#E2>)1kjK;aRb8>qK5QEFJ2QY)z=Nd1I`7*QfUA>jluj2wg>gHXr6~d~H
z>}b3^KuB7Cll3f(sKm0|0O9^;QKjW6>g)5p>`kDnrqj)Brpu%(Q%y`Drja@DCC^hV
z*C92*PXT7R@9PVpjN#>xhRIdXk%j^{sfDEGAccCh{*=$ct97>-%b)CynzZPpu?GJm
z%~fUZ-Ouj3kK=a_7jUQg)3-42+<>qj_0y+kTQuiJ{A=ZP_Av_hq8agXAzkc@-?OKb
zakZ<Z7^qBk^aMh@qAu*n)*jHKC`;48O__ox$aT4rf^{-5s1q_UiMtoL`>JsN;63w^
zvnxs!>T!ef<Dkw?cH*D2Ig9TS?|C&~wd1h^ZMFve4=KB)I`Ma+j$&-ic|-0nFZzY)
z2xz?H?yA2p@4ajv(_A&#aua%16AeY}<oyJ%_eBqL`%=GK1&j@gC)qGUD@c}p$xG&;
zd=F8p)Gjr6^_OJ{pG+&2j(aDC`y1M5^Y`?j6X92sO^)GN{f8kNi1`JHR`#Q=5c-Mv
z;;BY|)4h=o4&ZKoe#X3|+4c4iy=b&Z1LT`$1PUBmW%YIo=2u<U3%*?#fhrDUi3W+a
zI`##mvXyrMoj_2$uS>brXAyFLsX2*nOOPd6KTdmqKjLdp)aIvzn#ZW^RX(8o3e!ro
z5rr(-=|9Rj`jG0uY^dI$m2V3Tlq;FG<m3UZ`7|l@z(N3=+^V}MUByDwmO2d$RoSoB
zqDD5_@K{dY^g@=B5=`4FGbx@{M&rN`R<J<0+;O(s3J?`OYQYn5CJd_Z1=13@C|x$9
z)Yk%+pXG?(zX7Np;m~1|4DUzKc*m5dBv5K_)~fAM5e@ZmEV+&=wdK=#coBw(8bB3e
zNYf&zAzLii>5J|VU<@YeEkfszNoZ5D$}&LR!Y{Jz<ccPI>TJ8K<`@Wp?p1`NKXhnb
z71U#DcyK(F)Ly99XX+LV$v#W*qm=!y>kqHpX}hs+c)x(dm0RiWyEb#iXIHm|LCG{c
zxP$OnVM4~^(#jv2Grw$Q+R_-MW+w-C$0B+HFIAs`7uDN}RY#ygy0ooC*#^-VR8jo%
zGAG2aMXTrCZa=SOz8m}=zU$tubKqq9>PP(*Q~==#$jW#9R3JqLr`(18lZBv)U1v&N
zSIukSZeP%Dgsudw{cfHcA<wW|RM`3kee8hfRm0G=H3PO8<R}+KDePRGqnYnBBad|G
zMu>rNNR1QINO&q|h9C5{t7}?xvpUxzrm&seg#H{2BoAhhc-*u1gaiY%IP(s_XFsMi
zgtsQw{>2aG;n(aG*-?)c<1T9Ihvh{5-lfxM_6%l?4Rp`?M=j?#X5kS^VS`ops0m8G
z<9!3^H9awASE5e8jXkEc%`GO7wHtKDdJQ=yVIb={q>AE=!dM``r!@(YMsGar9#@W!
zGD|0&O*}7VqXOURw^n{&8qCVjwn+C92pciAG+}%|_BD7vI7;1~V>FZ?TRIN2{T)4)
z)SVd{5%!c~uJX!yCcmc_XdkYOX;LZ+ycy?AlpX?4KODz8Yd|@<m#eAb{Tue`@N$!s
zg_L>!AREqHT__A7{~WlA=2s5Um$v>_7E>=i@|F;~_j+t6J^?FL3{9IIl2`)Mjhr9&
zSKBf6c1E~ap(qJ$T&*w-H8ayq>Ea((Cey&YphzT%pl&=wliO}Ij8&KjOyBhU#B4`{
z_6`<+t8oT7t72vWM!!F6U&6R*Ss?z4nr}3)P4@T!al81g6@Nce90a@}$mUTS{;(VT
z1e+iLi4J9$Oi`Sp%{TI!4%^bJn_*@Z-rfUL(H&blK<b-OCtcY191(W(_8P5P(};dg
z3#BqsX#3H2L}aOPdfWyCii1ik9695Qb05(BY(Y~zZe_@dRRKF4&=fOF+v^v7=mlfN
z``_b}FD4t)jsd~T?5vD1Rvtk<Hr9*K_4+c$BK?zye9uPKMXkH03xBtwsV~RH%k0k2
zbF1gQ<Q`|Gc}Z2;NsGe*P^?S6DpIKP1ln0YpJys2p=x{#SLyK0*xblH84Du`k~I=5
zYj@7N&hSPl;vUK(N~ZaN-8B`X#C$-94GEmvv?;xmV^ht7D-5YqN^Vn1f_I}1J}<x6
zfFExhCK8WBJ1!9+{6Nf6@@D5a29J~}W9+#sC4JQU1Px(wrLPJiy6#uuV7dB70?e7f
zSUtEpY~j086<Xm$Pt7F?4?BVdi*xdY+{9qa-Q@EGXB(nB)oro2CU1i4N_X;|O&CNQ
z87TQA)WvOPZR||;yJn@6YW|B_J>RFOtcwIOks9e=TZwB;$5Q94?D=ved~=t$a@nJC
z;)zWFjwaAMIh)*)^;)pk-0M8EG6UggB_Aawr&-7bW%#<8c4#YZ_#Rc5T17_pW(Pg+
z)*Mg3(5i1zCFV*^6fErBj|a@Q9Kn7Hf#z3=c?zzFn0IHwfjb}k#9=HA#iUP7FI9~K
z+r*bF*4n>q%pJdiFT#M&LFAd!Ou_TFaABnXkl$K7u6=tkbQc=PVHzYF(^TZYUBQ`G
z(CYoWq27uE%=HAEH_$QBFsH`5r8wD~(=`GmNH_wG-5%V<#mw~MuXs@$1t;Ut($)9+
zwg)5A^zAzPkJOPozN~llh-<JKIE}-o9Hd9u#lC_L9PC}f{VnzUbI1KDvqJ8czBZ^v
zBHA1Djy#DL<@=r=`KTQwm{j+uP;w8h9TgBd6WU}m<l}y<(gvhrJ~mCNmWPsn^X6}M
z-&*QCrM++6rq%$2@YU;oUIy9|pcXDpED=Z7`$<zeDP42lL~Wnjm3LLDA5$(y9z610
z`blKPn)-d+Afze_z$t|^f*r@$#cUhsax!?JI)_O>A(@3O<3<(ok#@1I(epVFNv!!K
zJrV1QnIcZ$H*QurPf2AvuGXX;L1#P1faFrm{ij}gVUtG7f6;ua<mwCR?`5gIQuxiu
zuIOCT|JpxgOB7bS{T^1bU~+0)-Xo;tOoZ$rar3oBmCfPyj-+N*z>X9VUPXfm4@?-;
zo%X#yv!5zgah!DYTl{>e0<{6b1%vOp;5w574lYtR*X$8yM_b%E(1FS&Ys6R}MQgyi
zum{>qp~3fW&2wRx6uYrWA4c6+F%I(<wgT3KEu1X<HTe+J)<R91Xhig&c+x#jF<$yL
zdAav}C97}`Re1H?2GLXT{NLvd+bpd!yR^7IG(BGxQ`8=4U#x)<&Y~=Zp!#B6Xgb|`
z29*xKW$9tM9p1O<#l2&5d31BuuBFQpu-E-+yjdI8I57O#lj}YyXJNHZ6l&b#Uq%Aq
zi_y1s&!3|`THXT60l@f?LN2#o&H!m$tgA)H^e+QAxMJU{zqqZ%c|O?u9OHXmvoR2h
zF^67vphz-bgM|hC0MbyDK6p6v=v(=O)B%fW(O6tH-yc(8ff-fiICf?})+)RB%kp^(
zbc(d{fC&6o`;%2qcM;q9OmGfPBoJ_z{jxD;ELBmoK0^vGMIUV$gG^|@_H<BcTBLsj
z7tcU`9n?<GaR0bt-*QL^rTY<$)`!u?{>F^Ps6b-R57|J^<p32URY9)j5S;vjf(SE@
z>-*4^C9JVu(qwI483s?CL-<W-SvQ*xU>m0;*=FuD>^7)&+M;5BXTE@DN}laS5da)s
zd+=<v`t@nXqtDiGTVw`kgRl8o81v1KtzCUs#O1MTi>0mo^&yE?67SGwa|v~-GuPpn
zcXdL2>eDZ;e4AVVctAig)YGbEkAUQP89#cSOE8aJA?d0XNj9-Q$@^R=^;gk1P=cr7
z)GglO`c@fgPr{HNYNM=kr;_i_;aOXZrbCUq=H7dnU+vZH^ot$E=sft#4f#6(JRCd?
zB{_~bo%k2rqyC-T<f|NkDPgw|0snya{=6(97I*dKLWFvwJgLJK4)-&WCQ>(qElyrn
zvu9?FG_U|qD1+CQqD7Vg&u33FHh_7;z6a43KO4~TtSW?d5pbS(=-B9;nNHaPJ>yQu
z(ab6Yi9l>~ClSde5J@YG{O~941ub_S+d!GSMI>id%SNymI%~%l{)HjRaLUZb)4hlD
zR2u7Br#Gl;hT$_kgibFIR1CuGi1=M-{9Dbg5W$CA(Qnf36FlvIY!<ZDT@hs?mUlfM
zaCDyce4n=yh_ykfiHElS9uNk?vP&*Y#?p4}GTAnNp=e5!B)^<lGGNIjs%;XpeIQ&-
zqs_TIFg|q%8*ixUoi1jL{Q!%BDja>O=u}R^b<){-Q>h0hVnhFj&b+ZsYatavUH)(D
zQj={+V3!so&4$R#*+gwmA=3E4(PgX-^)Xwexpz!rt)djZlC9PE(zEHVY|ghys(^gY
z<rrSRXxc<Tu25Gkw9TB*$EY<!H<Odqe^=0GFMLxMu6co$+AX$A0^GYH_ifZg&qknk
zRSfWMY|FX1B2lj(kSTL(wl1aSP79PT0PizQbEsq0d)nf$O+MvP_!?;o5{yfasCTd;
z+%?91xl)zt{+~^<+vplsy~a@~tLbjXf<&cpk#SgIyZ+`5q$4C>$X4`9G*(y<g8l>x
zb&&@_zzY4Leov1c3RwxMS)a0RJA-<?22(ASTEIJHrV5Gii(0W|G5z%9l4cEU4hqjb
zi|v^tIF<AKKcX|+Tl}f9-K(RgO3<oswUKwe#Fuf&j<PKDx0Z4D)QEkM*{1Lyj3ir!
z)YglD^p{SDN?WF90ZJIH<SCD`f5d+1<I6%N_-)l?%(%||ttxeZM=q=N%vSmanU1RS
zeW4b*!gjt-BzL}cr;Olc1p?8;M#1To&_EC_JIwir11|+XrVH4LZu1@<DHO{!JucW?
zb}v{rP+zN+*^TwxmtY#}9<izF1dxQwci@dN*<DDc>-<3Bi5WDeB+XYdBb3(SMltet
zDd~!wJ(S-x$~k7W)lp@@9ZOC`YRlalutHv`%7Gy%L;)D&B%RP{x0jy-m8!>|2WqR6
zomi$c^y$V5$qMDRNRg;JgD2kT`M5h;5$i3gnQ8V(C!9^GoEs$gG;h1J?cV*7HRj|I
zHC=5O3t6?3296&ND(|6YYhvmO6-8<ITHdV?5_~If=~~OtND$opQ!lK};&}Clkd5ff
zBubULj_Brhm~YG^qajr~&LvV;eeTo0$&QiP(8wkeS@9w$#&s3V7mKGE%wQH6GG+y6
zSd8$KM7c!tiBJ9l5We)%Th#nIBo<lIu)gV|a+CbVzMMTTRBdobJ&Y=qn@$#AY;ahg
zC0ymk3fbcDV2@OqnpYP)d!fyo3{R+b--x+lnX?LEc%yG5*g%IZC7Vxw$Fz6GbyeuM
zMC(0CBa32vXF8q&=B?VqQK*Ehn;)b4&t3Tw%s7R)B(DBed2NtFGr_-Y9|{@O;J!M}
z2HJGTD}W>GQ=$XusUuNFFC0flx&9VtUm$r#jmZO<YMui_B}udm7-KXHeoS6H*8)T?
zqIo!Ms#w(4&B`%_V(3&0&S6)^6ndAs7MlG{&(QG+El5wKW!sKg@!QhoGF3nY`CMGx
z>9{%%>zkHynTSX}dv;(m8Ody8GOAtCxUG`ViC9lsg;f3Uh&#3L6@?Az^6l()_u5|B
zDn^|XGQ!&tGZO4>!;y8~lG)u4#gBu8G|XR?U2cESR$fUp=ybU*z}ih|+GdO+tt<Bs
z_w|6ZLd!BoG}||}IsnJk3C877P<k-z;@8N^NgM|pagN}il>2+#(1ha4HT%-P>U^j>
zqI?bLvW!ZIXAb-AxmQ1Kc%rhUaI%@fDXriT<rWc7^*EIVmReUHEsrn^+<f3M{8AL_
zV&blfhtjq0?*%aMuBiFEjsl9}_IBQ>em6RP5NK*NHdP_bPN+S#PO+3(*pW%pGX@(9
zCcT)ZvOB)yS|&=?$5hzy%%yqmBt3p$%5AD*tB=SP@?=(-i6tjd%`Y00ibB~Zky<If
z*g%+zT&|2w(`GBK1E(r|VfmKHdht?R@KDmYX?@${czttH3a^4Drz==3@xU|<_14x{
z_RZq~=q_8d!%GC^oLbP8aYC%kyw4F;OzccG6*SroRolWat5Ye~1Dh#Ml^E$s!Pxc`
z4y&pLw}#{8D(G_+1tTHz3`y9JmpIO^(+dMj*!_2EjHcqNe2J$$3AKiz6Mf0x|5nTH
zh#;d9SXe`uJ{a!pY>$2@i<F_x`)x-i#HShb&JJZN8*@G2+1I?Onw5Nna9_-BKgEfj
zCdXxly0NYQa%T?Ra2jwpw7Uj_1{O;QYq9qrA2)R+^rQ`ur3{1_9O5~WHMY6}4NP4A
zeFsuAYeF`s7M|FpsRpMZrXsBx&K+Xp#Xq@l)Feu^k^hfj;>>><vQ_4}QoeMXOIumw
z<aSL3u^Y=IgG+Xy`J+@NkHE~#^!IMA%RZUr&_)2A<JPI+?5c2e<dNIJSO|Wg7vD(d
z2E?vJu=(XLjNXF>v}6o8?-@ZJWRKLhSnpm83N_gSkO%oOxsSfaEmaK20bDejEPC8c
zns{3$O!&^j9hG<kbskd&7}{+zkmx>xsl)~kH(Dw~*or*mceZlY<D_Niz!-_EZ&1LJ
zc%xVp?^1Oxqg^kWN``}KnbeNBoU&&XmYkzK4FsX~{R?qZoFr{rzd23MOU)X@apnMn
zW^^(90oD(;pnHUwbA0?>7v?Lr^=<RKHVh5VJSE3S`7rL0%uCPDuI)ij=l&Wl@6c-0
zF}yN%w`EN7Y3QaEQ<WI#k7mXFZ*&ujBRN4oLT*3U5+%m}G;$9?mIRENhRf>evR&0>
z+qP}nwr$(CZQEV8ZQE!1zcCXNG50PeA|p4s$yG+?Ip6z;RgY<(&aRE*IS9O@&uS6p
z5b+X*n`5Ml7Xft|{Q~123kc126oWbZx2#0~*@wGAFI9E8kn`i=;N9iq<K@~;JTj3g
zkn4QDJb%~Q?dJJ@9(z1wb5(mi(zDei*{Hxu`m)RqA`EcOpJm3e#thR9xlw?i=rhKR
zv)kj}rYd8bbtD897iTSGlLE=WaCZ>hW5-}68Q=#D7wyR1cG>B@#>&d=IQ!iIbKhI^
zY%tv4dZ8Y!m<LAEl;r8les53SzS#P<DTx|%rWb#w`ACSZ;0oJ>d%iZ;c(8~ozd=jX
zYiIZJ@p0blqv<)*$;|>*ytcpJ-wu%cYC>X<xqyj_(WsB1=|H2uAr{tm4SoD0sAyx&
z>IV<(vr_Heb*n&w_4OdwoIYSI_<+2RzRDsc^(8k1WnJSJ@#VF9LDK)svQiT3ujZ(P
z;8c&pDI<i-d9dC*#^t$FlJJEGF4{jsbIvVNbHS1|zEqWXV63<3!|V~wLTJeHGmR09
zY9t4}Kb6$#k36l2aU?2t4`!c~9dz=xMZ%$bR@zdyxZYowqY++xoh7@K9;;%&rw7gH
zuslAbqcXQPI`=20MWQ&pv!LUqE$>!pYRMXtXTXUz(Pwk{<pt!62^=cM3i3`PVK3OT
z+HwtId(HeMk8S(#6>L;9fQo(>`o8oTUWI6-3H3h~PJM7jNh4;UnDxZ8jeHt!yeZ#f
zvNYYHH~E;nH={fs@4fdQWe1O*R2~fBDNtuM91$?!RCOyw&_3ptXEOVXE;ANV;S+IH
zZMcFyQH2w)|5E<fyED+3itM@f*-xkfol~!FNs1E>Hd3$bt%|GVNdNoF3T7CncDI56
zR!#2gb(QdT(w6n%=2m70{KzS`Q%kI_PlD~>Ms!Q3s=W&Cdt$%qFsf;&=&+{gaS_1H
z+qtzMXbWGpnv1LZqeyd|x-$*k^Kl&W)Ro}Nws3o^_Mwx2x<(n<nu%ML<iMtQohH=+
z(H@6n7hs^S(5)i@OCHsBmx*R~f4dvy9+jQueUASzQkbsb?f{!TsoX33E^X@b4#io4
zoc_2VYf(bnNbZJdxP3&zBjtVleq@24q`@gfM>+QVcI5&Qz?K(Wd;gr|P)U7LkT&~a
zd`{x{xSE(@RkBUO*t7%94Gghru%68JRhfTnfj&FtGUPjU#C4%jC*NxIq=TV<a2p<d
zOPdSR=Ax4l7@jklMog5Ldt6oWX94Z`JCHnah_eSFU5=Z7=v&^Q%HQM+I%L8|61DS*
z{6((OG@WJN5u`ZY5%Z)g_#A$4J$_Z-P*U$iai)|hC#MER@nn^5b`1=>Qz=xj;c$%D
zrtuQ)zLOGYgi9;$*VGGws|j5#rnwUG;qG};1>pZ4hTnPT*)X24tLlKTS?`9Q*_$ev
z?>s;3kG|J#X@J|m;YrmTz%J?u@E_sh<t1v{j;*af^atJdY1mzQS*I1x>qoE0y#ec=
z%|ZA9Pdwn!PyoRG`8QeVV*~)MLjk*UfRZP`RUMyOCz+jW-VA`x4=yc81hD@#q&Mrv
z_61md>qgGtdt&N)6ga1I>&Y2~Hd&%X{kA?6jV6wXS~or@>N%c+4)O)@OH>M*Hd;Vm
z=YfDkZ_KD)zq@*?4mwYr?6_YX-KXw~Ns3K>6KKEHCcVR7di)8_K>P_*kzPxDHwx_=
zF5=}D^V)}xX&V6Y4X&V@j?MYRk^LU1u|LYH>Lv>S^53xK0-TF6X}{1CJS?Qm4|nvn
zxcK?qzB5y&d_Z}eIZO4~xjB1y|J)36aC=<i<m7hW=(@_u(Pp!ioz8ql9kx38db|35
ze0(GF+A3A8ZbwZ$-pJkFOPGXl<vwCPuLYC@(*1kwsSgg1f_S8NCLKJTM#$*rH)#D5
z#aYXnB(M;G^W-csp2vsXofsk4q<sF_>OfdXaTGHH`;NV?`7i0i`{(oGeN@6?Fvy)#
zF7Vz)RJ0B3d2a!6l#IKm{Q0MQPH#EOI4^J_8kriC^3h$KohCgU<Fmj?S}2uN>|HuV
z1=B`nUVWB!P#V&pfJ+u#Tm}S2ql_5lsBnRntD~7h$d+guZbE=M7KUdMJ-GtnBMHuS
z2HQd~dnVB$dcWP1jTr>>buFc*qj`AA0)oZ@weM6B7<xl7f0y8(Z&R3|oZ84$i`#E2
zm>^ldyo>K-$%3I2OL((&dd<_13X0lagt=GFNLk>9m!CRhClh!&x|OBpcj?+8IR@}j
z83_3=(tPiR@3Pd^j5`Qau56QZE?4nbuQs4#<!4x(R}o@*ar{<Zwn&y+&*XP4Zl@g5
zrw~69+o@43KBBd4@FC2X9ClV;R8A!L`b_^s)xl13KN39pLA~Qyu+0vXkaaJaQWOgP
zJ7&Z`3B<03@eu&Tu<T(W8&8?2@IhBj>re<&XEmsXN`@}*(tGkhW1{EA!MW5nGNA2~
z4uq@lEY?(=%JnXE1WwvrHQmh9Sc0?qT4sbfQj@Z*h(TI>dE*7~h8t>7QgX(P$jnNW
zgN|$EIgtDXbs+3>BcYY}=fUexaF`Ll<DC2}3Oh^5kxN$fu^9i!9jAh7&wKAIvb?F`
zXjpv~BEo!#O@9$#iCU%?fQ{v+j^(_kTbv-#*-5%hKaA&<DzSsZdGAOnKS(-D%9;GB
z@+nQEb8V366Z@!#x?Ib*BpqHtYBQ6kx5oPI!*HD&Kz8I)h}g41W*K1d>MgCkcPqnI
ztP;T7cvDYY5$r3phRJcduvC#aL+~(FEe)<HgGOHI56NRmd<fG=58|7*|4`nMEmopP
z3?gh}#8Z<T(2A=>x6rojxPo1Y|3f>{Ed%C9c>l%}_9ag&2l4)WZF3M0L)3*I1^)0z
zb}04kLpi@B7t7s{MeIiEbk{t}U8H|dm5%qLo`()tUqw7bux;*+5U-~-z!1iVuJ`HZ
z9R9bIu}Vw?-DP@!bcSxFatHtYwLpyMNrbm-^cPWABay6fIQ>9lvAD<(4{MLoFXo8m
z>8pNmOLqY?fg&?fi@yp|ePMI1*4Dx1^3DK=`~4+&<dQt+nM{B*BJ*GsO3Ol|axf&f
z_Mz=>lYt0zftBBWjX9I2d)FNE9nLd2kQW$%=FC^k=x>f%-6E~Cq<2D}n*M*)HfWx{
zDuJZt!mH4rSjq!rMvF#qBvP@fp}Lh*Ffj2TLsMhdJa5TAwZkT&bi>H-gOf)LvV`FZ
z>|2IjbU^!WW{C8u1u3b;GODlujXMckI9ogorp;Zc*^TUD^~*^!)wnvGSGA5ndtup9
zw35r>IC9}>q7ER1-2QzM6&^<11B1Lfl%#Y~pFYZr0^wJ@Cm#`oEUcP_u@1Od!=V<~
zzptfyq@o1#PBMm3(e>tjr?jN#!0w`fLfMbW>cZdl#k)y^#?rNP`V-*W-1Qh<-46zG
zBfDn)Vd_sTSi|*v5iih9u^uc2TmSJoWJb<$EbJ*{RZ^xE&GHq=YuHy_Y>51+?5X(`
zU05H+hlj1#nCN$b!1uDth(Mvx=CQ<`{=;>k4;|SC3sCSw^tt*=Nsp2vj5+a5pX4YI
z?P&o;Gp^8u{whz+O85ZE5RWOgpw5Vga%`ei*n4mp#@hyRVTW3r3j;056Gxw9y^$@)
zq|u_SLmGP878sPWfIzi|oo~O0*=}NenI4-u&~sPIV$5PpNl_f;?-YV-SKLW9(7)yk
zmzz7U@gobDqLqz*qGm|FDVdTEHqiR{l}szkxFau<R;*9dVMXLOf~rLD`?@AGgfAx)
z*aY<VX*agG*0HjQKSo=Py0hO*&U#n=xi>NW%U?N=LYP0W(sKzc0{6CU(DF<+9KPg>
z*Gc(&=S57_`woG{Z-Nd5l+KX|Sg9k@j=qhK<j(9XZXIDi0Dm?TOjdBoNHbA8L$qiU
zOH&<Ei&_*;87IUv;|yZiML1xzG`4WFak~dM$#3+J*K_J|1h4{(M-$SV5<i+LCS^1V
zu^x0p{mxBy!V2Y%<WKDMzu8sCmEVWS)yad1X<1`uL{b&W@DIe41GCu%9wk(@Np@_+
z;O(0t+K);jdvG1oh=dJ0;L{e7iB2pOo;Mt)L~6~ErNJ!h%*Ql}V)=^!2j7(EM<BEr
ztw`&37|yH-n2HI9L4Z+`SmHWf1J%;dh1QsHNq?%M3t_0yR0W(sSSl(OsmxBjF*D|G
zG$F8}7=|!vnY?2G{v>@Yc@NKj&k~96Hwxh4vd>!beV;s|Kao!7T22Nb1&Ai{aH2f$
zRLID}3JAA>Q1|gIpcW&|<2U)SNG~y!IStc<{NFUW^Zl6$MD!g^v?rDop6$h#-C)6y
z(B}~t!B$GO3V(5%kIyatXyC&f32mZIr#Yjsktkw7l-61r_`0YG<uaXU@jr_s;f@l^
z>&J@n<tv^`11DB{D^N{TLWPg;<F&@WS$-u3@)pK>IeM=1aJmMta~n77iNhVOk;AZ5
zQWj~NJi<;?vNx3E<onc~DOTWlLn8kq+71x3m2W|0z-TMmWD(B@Pq+s(H@{GR%FpXO
z&nVx364E`P!r+5a6;fKIdoRl)N@iu;R9Spl&Y1oil~Xk^>#&#IUQbbmHLEz2)<GTP
zEF{trUDC7S@OxylTddxO*120qT~eBKz>vpU$`UhZVvxvX{lX<1f}{1VeN9Y41hoQ#
zO}|5~Bq*O$DSqBG*pH|jiAZZw6b+g-OGX=?SCNy;H7P8A%(juzi~6w-_alp~{wbpG
zDr9RRh8|FnRnKyx2>D&5Ni{K1j)n~<!kjIWoE|^KF0!XSqqeChW@YiG`s*kqETy>!
z1rX}3$XGRG1hG}=Iv^R3MKQMoZ75oi?_aYfcqLuCs*8kLCTKxOW}+;vYO?GUB9YeB
zWZiyWZs>abaF3IasIU7+a6{9`$GBowLlepW0hv-G#c3-%HE=Fekm&b;QAwwqR64kX
z&Aw<aL4k_qin^LX`^}Qmju>I-NB>_mc%|vrzzYPd0Y>rECzD5_S6d1d8Wzi%i)QMC
zeb`7CA=8@A*5_j>VcUt`g=U)J!&-G`478r#Z%#;NZ;h>m7mD!Y)@CSx2x8<qp-f7W
zAlVUlh^Bpqsx?UtdMBOgyV+nwn=yi>#evKzWbwpScZ7dvMkFol@B05DJ9<Pi8b(83
z7K8w(rb~*Lj#WoExaBfL2_^+2F^LckrjJ<1igy(wz=f=;#BS!GNqP;%P<e>9)o>x2
z5?$5b$(E5|R(#@Cw2aIa)2J5EB;-Hn+dB5Hz$^Xz=}Wy^or!bdso{y=0y(-ZyAQ5a
z?UR*+ACp5HW5ifROk?BksBb?0yW04yJ;6WOsF=kW0*IZ`sZiMB7%Z9_t?Tv@QHo8$
zq_w~)(k_)SpESy2r}4!j;1oEocZ27;?K5&==-W{Tre7O9U&l}1C6AZ;@9+B)Ca-UU
z96W8?ezLplVPt+zKN~zAzpV}W@d)9y-Se9V{m*vh7(vsKrCfpZ=I1+{X7h=G*(&<5
zfX>pkr`pDB)@qQQLAn2%*5UJiw2sLCt#!0ItDjw7-Qlo)eQypqonC#vub+=FIAL3V
z!-Fq-%9YVa_*c6czZ=`|vutR14E-4Zk25p=Mc~cK7GeUgZ^M!D!cUJ<mqk#5O^LrK
zotE@eM^F`Xt*@YJseJg*hWAz53dH4s{q{{je40h;NRX~faWG7|MaB&y5drTMcYR@;
zIi#Fw!aqE%$|3R}sG|q&AJoxfyupDiDzVu9#LbcsAc(Dw@f5*OIuWaor_u<hpfEl=
zPfm1`d44yt%<F<sI9J=cpx-lGua+QMy8B0U*gX#FCRZgma7vbe_&8B^E0W{KGmj7s
zjj_Tqr%%l+{|)TaSBK2BLwactpe-G)%6}DCm=}=Gv&dvSBoiQJ+bsmBV3nQ-?qae?
zfr()}0%MHbBTyx&opthoFd@m6{iIVW%ak%{$5&VP>#FUWqhX%J(Y}M{TA1?;2^kDU
zkr65Ka}S%<qGYKdpnoiklKQ!$$1e_vcP0!#C-E!JC_AQKAiw0C;=tY63Yk}AftWd)
zW1wEneM@>QJQx?wto6;|)V6>Ahw4zxV}41Q;V@Rpm$nz)^+#EZ<`4s-b)2;Hk;pj>
z9y3HbPE@tPjA$cNwsJi1C2uJhUbP{_6ow9x$*h;<j^mUOD#<_v>(@K*5_k@j$5;U(
zdD8+-cS(ZOMNw79Y^nb9H^#U+J}zMo+fnY3Om<G4Y>F*mUR?8x*oJ`o65>y<T>Kn;
z4&hpiWIc8yVtC3IsW{OPj8bBrbT|>Efv8Z2w5X|sVfFfgA&6V}9*C+nj(OTO@pp%D
z=j5-PKf$n9E%YvS2LJ4d%MKO%=)<JdaWUl%^sE;%iD=G~na{_zPk#{P0cXJyOF>8n
zM}u6)uA0U%_u8;kkLPIGQvD8xDd{l*?HenqUCiS`=}nc1#Tq!OPC~ih!D-s!&pjh9
zD;xt_L`vtrI7|`$q&#VRx1Eo9cZhz+mwgU1k&wO@$LnPiAiiu}=lLmEry$t-t|!Sp
zdEfX+p6~3sgXSThn}1>2mB%iNE;7C>g$t+Hw457l#TgEzNUJ<K#$bZd&wUOXa4NCS
zujrSFk%sdpmgNj=;zx^6s*IhPsJ?Sbvl9FhU##n|+kw{C#;-*LkI4ae$gZ7#Zl=zc
z4#~*JRPJkI%%#Wv^>WKOP<UfIAGXUKNSO?=Y?n~R`HKRuIu>58&uj)Z!+F{-z3m0B
z_M&5tL#0oZuNzgiOW1?1W0?j#Rc7stSjjn{2kn4nRNb^JbTfPi1&fynYv#f0wHCdx
z(2{x5$MdhSAY3~y3#kXx>n+oyJ8*k1Dps)@MAMwwHJr5WW(tqP0Si!9CyUL6jGjTh
zx~ba~dx<TY+h6q+F?DTHIfIua9rCTMibbPMk@8uidOvID&iwq|-;ej;2<1}oNjUBg
zLWdV|YGT`$Cq?JE)v87%5o7pD($6i+uVF^}C2of+o?N#3))m$b&SL*+|M(&eMl(yj
zn|AuV<F?;%rQ#?S>!uawKuPW)_wKSeb9Y+yNrn`%`c!S~ZqGlB8b_QAOclOvQXV>O
zFq;u=bT+1c&^bz?f2A(IB+^$>WrSaJDj<p<vtaSDtNC5^a&htWfn|JQ^(I0{{>F^w
z<&g((csnN4WE9%G5ybl;=RnI8bn8z$qi~<;V*g7{N7H#S%CuJy?-A7;9G1}lk+=!V
zNRb-ycw11UT;ChjKw>uDLF)T!@pYnOe=wH^6dH2{yD`Y8$ic~J@pW-CbXs61gMCq7
zk`{|xDit21xlDJb%v~l4L^H5tzCAvvfB`=0(V;ees;^Xnd&njtxvD_tpkv;BmI&wT
zmrlI}mOIy$P6}`Jkfz1b&$jxfTM^Fpe3Gb3-5L}=lOPBR_TT;>sqCow#Gy6>LaiDt
zMh$oBCc{HgwHG_bMs&_ss9e}dh;?Q9G2DK!4~&A-6&s-+#b_iIn`*?(@+PJgB2PK8
zq3ED}{+=Ps(O<t2ASwgE*c>?EH3|x}Ypo|M0P^Ph#r`o6{}t}XNw)p@Z{a?iDPVZ8
zM?1YGL>RkFv4M`!=QBV%$}Af7ud0v<_KgBKgZXex&zF;Vxm1%G{2XQ9g?E~BX7vde
zZ36S7PM~uf_3?lSBQni{Sdr@INVj8p$eedkZ{}9>^|)aDBABe>qUYFQVZhM3@y6#Z
z3Yo~=dwv3)T2n9FDVD1%SB8t<G0lB-+O}$uuK>47B?PQkLYWrMnvhWMM7S5(zX)29
zJY_e)Q1iPsxO*oMR82JPi(Qn?QZj8fRm(4*X*bY1%vX;9Y~-FDC0lt{H&T+y@BeM|
z<EJ?OKO22TpW|hyiAm>T`yC6HPTX15-03Y4PCoKTEkwJmJ)H13F%FjBYPkYc`0z!^
zS+)yq=hZPUD)&yF0w=b?1Ma@kK~Sh-!Cv7mtcsG3Ib+725nh&Pp0+8o<yS=~<tsvv
z25LZN-vTWTs9tLE6u9-0cicB~SmGAu8$)IdfiWPV(qJ%r<soYIK;^x|T}hTM#t#2!
z^wn=S>oG;TdmLhSTwSPPH5&~;kX=1SqzC!rWli0Ul?ibO1-6hZjzd9O#CRL)%lB92
z#U6Yn$Rw*mRg6YXv<x)H!wWuusu-t{BJ0KtAA85kWKEbRP(=`9jISu|jlzzdyP?2w
zFb*Lr3c>M{?G#TVb^fB-h>f0RTJT43QQ^MIo~i~fj>5VXQCo4S<!oBLox%a$?f?Cx
z*6S7KNi`evbMGs>O>7Cy2#OrD>M<Yb_%0b1XDl6!`_5lUt8&J3Oo7H2i_%VU&Qmwz
zSe)|Dw;WcDRUt~Mkc5q5n(qL;laf(l@%wOIHk`D<&gRKD+3K*7>YuoJQAUJ*`Je0j
z24Sej!_*6V@{gtlP(`>%h210&EF)cdShPRH40_U<vABjkWR`RxL)%G<kMhyp?oPYw
zqHb3+kQ|)r9Uh%ZD_I%B?Xt{SPa=k<K1Ft{e{HC;4<92!77;1B{%Fc$z>h0|Xc))I
zrX-ufh-8V!OidbL&Y;BQqx&tC9b9N%gUJ$M`^VRj&J|LCGk|vV`GSDd@#F89hv&1Y
zKY)H#Q*3xdYS7>$$MO8B=63R35kq8mKiS2`0Lou&I~ztoI>^zIU0!%++EEB4i9aJ2
ziD2w7WB>7V_g&z5&)~PvrN=yG7!^;#o;`0&+$98=5_NQr$1*nN#*#o-Gwx87rPBLC
zdPS%Co1{E(@-^+qhmon?ry0VMmOP&~<VP`#&Vgs>Mh*_07nda~*5Jg3!XMgfKT6yf
zC2mCLPhU)zK9P!Mw3`708T%SpJIol4-0E8Y`m5uVU+sOtbo8(uN?O)RPS@9(U`U>2
z{ngSxb+}?NfUKD5osPT6v!FS)Kkth@j>2>(u3OxA35si7Fi14jmZWH)t*+Mx*n1(i
zP3s`ZU5WP5$;~*r&{1;`KYDqVI^&jDlv<U06Z+6#{=-|r8!1T3)AT}ROPTf%B3|K=
z_9aF^NLne*V3ZS&;o4d#iN;*U5%6R58~x63q~?ueyV{ZERt=LOpUKb4dvl)^_d=^T
zlApXvTbk|;XP?l;t^?X;!OZ3X@V^gUfa^P;U3@ttjmKDS8qn7BZP}I#xLv;4AqDKN
zzM13u9}cbF#`a7gtch4GKg^+Qmd}9JO*VoU$!~%*)lpkBKm~#K6;@RIn5BgGHW=nk
zj$XWVSD(x4vl1ZwKH-_hOsai|buQ4ZutAgaD()^B9X3m1RScZsmPcsJ?Jw<5`X`We
z0N7puCy&@W02SdosawA{)pmg1b$`*{ZvZN9R#9)le_j9C{ZG&cV0i7Lnd4UZ@%w2c
z|5ua#czZbk{9@#0)_2`sH*da30N;{f-<<H@qs#JJI&7&PvTWllSXyJC<}tosF;rjg
zodrDW*c(bc39rI-M?8PAN0Yh@JR;dFxd-NJ1py{<KcNn1cH&{*qC12Dy$EjG8^Hg$
zL!(<jcH%?CE8of&^%j6m*ZRWm$LYn->4oh9u-Xe?d)5PZyaGypE>C{yIsp^q?Y)nH
z@{c+$I$a*WmI^>;!oQvsa5?4Ih5c?P1R(it`;yId|G7Nw(_z0t`-ap&z`MS(z3B5z
zfge$N@hrj&wSMxXOkSXbS}`v-n{dA%tB~I{@s9t%D!ZtAa!my<_+ee;Gd5%_0ZRJ_
zcYGJAG*m%%Eq*K9b2z{A%O-X(d{$X9B#>Mk&R(#q>?0Lnf3`26bV-92EEf0jWk=Jf
zL$KN2i|z*gTCT)}!ELV$)W$9&v+E)o>zO)?n)-Fx?-18Xi`pc`gZb^BAVvGLb(yP;
zmxqt1<I0DFzQKGDUWfrt%*-PVdQ^fRWI=Cf$Q;Kbsa2Z8X@9JhJQx({3q}Hj+gT%8
zH2-=0_N5-;^#TRaqdPS;$*iz)hO4WMvl!j6oqFgP9KLB@PHu-vU%4TeHM0N5R;B%X
z(oRhTdcYb>NFc%RsyKX~g9r0{9Y;F!Q~B_M@^9iL+Gt-ce;7{TMduA2QMTgq@D*z*
z&Myr6&;ZP}lp@FDig<kLOoWPZMR?uQy#bGl0f)}6jrG3J<^Fgqy-XSouEHK>9?Yt-
zkJc07Sl&pEegpfeM0k(evvo{fDrpR_L_~L<$m84V%b+WRj8o?ec;S5#S#2m3VEF_p
zg)>5)HCgGz?P^{Qo3RpuEmzwmv{$9ycT{S<`>r>4das$6t@f?VE??ZSW_;}O&SPFa
zUyGl4_=^rEua#`<Lv|MVrdI#-=sKjU2>fCq8(n#trb9@|*+fIyZM+L{8ub-vcv-cv
z+wog=IxoXYY<Th+*d$<Ba9IoVxkEADA_$pDu(Jg7hw1l`JlP88shVgJ8q&&gjG}09
z8O)Lq3sOh_nZ8Rx-9Ho~WEilx@L7)Ev)OEn-^4SbMht(5{eyLtJQ(dU?Pa6fFWVb+
z!Ztdd-Lt#IH_{U*koilbm&!J4aWv&xr{r)wHN%KHvY?~#22tR&pObe-fb6GRG0BjN
zTTLbOz}{h~2Nv@i=(40E(r=Jy^!(v|YvfQP4CN9X_`_ZJ5DaiE+#tr5HO-T|n|I=o
zHlHR_;E@)ZUWk1Ge=kk<Y|_Ry#oL;{X&-|m92d;;Eds}e;KLkx_-+jC-G!M>HFuTv
zX{y+t9V?;D)v!DAp=$cnb_Y9#842|1#yfgqiQwU-kQgY8B_D%5PB1@`wZuCRlcX9m
za6TK4t|hyX#A(}@K{E_)F)QV_e6ZyYi~XQzEU*oL{*);Q&ba}rxfA<3av11}MmwoH
zs6<-V308)Li|~Q?+(tm^lgx>$n%md(9Z&fFkffjtmboAWjpaX(e<BtT`{4%<%E3bS
z<R2u73x6ZLdfdq8NpJRDVceq4Ht@1&aAR+=TKMaJ-S5TVmkQQc-b-klhb!;fKF9aT
zajT2#pdASM-r_ZUA4{FTdWHN@*<d)*GX7=*7I5Mz>1j&$&baOuCy)x?SM=<>Vy!zA
zI~LaOl7#kxC9b`^i8LIdv{td_<m8xxGde01898H`=UtxVnU2v2+^}2>+a7@x!<F2B
zPCstXw7pS_%Q2H(1Q(NUx%@?|DrU@`2J=_HPca&Si>(`_9O*8Jqx9T{@i(u16-99h
zZ$#zQ8-9qS*0PXbjRj4DP5T4cea@V5PvexTk6q%`Bn$7!U2Ut~F|ZT%GW|%ZdmBnd
z(`lda=8~&?4fRobMqK&Eco}jTj_kq64KkJ3RlmzfkDc#~-q#M%!vF{O&-zkPEcWSo
z&175`>8tpC+9VEMh^PmeDJBygA)lihp!3#Slm8E|+8>qW4n0&oSi#K1Xv(CBl>MWK
zG(D0#^dS!u^*V^#0~?Eh?dhFw{bQMu17yQ?IzW^g#XE#iPB6iSn`r{&2e2c9nP*}K
zN=`ukyFTAwvTR*@$OAFH>uyO?>jfgy;7ntaDyL*z2a0Nc;j=E@Wgow4x3H@4oh7ke
z^qG`L&vDtl0$HKwhzr>tKhDYW_ux;N9V^P1^n|2U-wB=&C>n&^RiT2&wwph}cVgP3
zQEmNbKC2DCrR02;2Y%Ez^@Jl+^NP1(c?0t%HQq8sbXJNid;@%lvex0M+#g^t(ET<X
zq-q|(l6==|eEe2vS|<DSw0Bc@l(}9HT(n9ZPV1^QTMHuL?IXw<stLl$Wy`s&*QVsj
z3b?m>wwy0FdEC%tb$i!not3ryOGq14<>}UIJc-nDRzS*6I2PpI;dtwW1O7=Ixy}CB
zy>xvb@1v)IXpP<eF=R8N0J}p#+dW{@+t=;KkMZx4-7x^NuiIVY39z|2?B|ygcNrL;
z5dpU7i+%y*fJo-7p_uDzuF$&mE$-xUS=NfK=XrVC>)uhkAOs-}sh#`a9d$CQCI_KS
z=M1X+<BXG9TgCVGFEjfh^Dg>Ns>RWLt&iJ1L|A{OPIm~}#8J=vf;jz&1h=SMexnO%
zgz+H=B;_5jyn#r|SAYl8)sgOS9FAJ4K>e!PO^m&5r+i<!1DTi&?~`fUP8&D0+kbpF
z#RJFS@rLe>J&7eC{A>vWex9qvE#B)te$gAz=?~@hNX$2u?Pp}s_3Ol~YBTfKUJ0b}
zJT{<ckL_JLH6?8%-(;W7_VI9A*2sJF5NE3g>kK{Y^1h%zAn&uw@gFoYpZHyl(V~(q
zd5u@Y`p2pc>(G9JXiNa@;~Nj}C0DvsV*5JdI3!L(SG}d%9=ex0OE|~u3WzG1Gwp6X
zH};;CB$r>VHcb4jUnMxJ0!qxrtiTL21(>Z4h2)$42FO**UsK<VyN3Wvm!6Rpq?n~1
zMU4iVn~PMQgGF&;!IIKck0EKW#_;R2_#@S-c^{?T$Zb73Ywd!+ORs(=dp{s0_fD5{
z&#QIaZ3x51(RKtB!2j$`sV4foztY2~<a`sQ7ApJ-J(VefU-ZUXSkw?2GI0YFQe8eg
zSXot+>Dxc*j;I<J2B>N0zC6;<_2Djc?41fAhzKYhI8*YtOV<1Ao7++j1l4t;qLP{v
zxs@29*JBVlC4rx7NWo!)HLb%AR%POHOsT7aI%{mu@~UtVH!R`JY18`F(wg+>Wup$E
zs==qEx^idYL90}jP!&|XLT7-bbp2Zi+{eO#VvP1GC}f`*=y=I%TzPUsDUxQYrpR{2
z$M3GeQqps^>}<6IW70K(UIo)ygHI2_F(&!7A2N1-5K*Xc=;f{Zx!F_w;Ns95!I^l-
znlU45rlM}g7d!|KeqURWZUq0){A0QRTIt>Za>|RKcI(4UJ?>O?5lSq+S-($Q$ZJKg
zA`CPvxnRvs^tlaqD8Qn9uyEI?@$57PWnnp%lgYh)ZUXLpf~s!q?<|;wES`Fe$WeVb
zheshsxtDZ|rUZ=Cm==taJ+Y}z2se@r<#~pCIt2Y@uE{7HL}duEEd_7GdLLE=B@v>h
z3UM?3*uL-b&3r1|PS2qA_CvZleB;wx;qR*Ws}%B9O0Y@IPtJ!P%2*VH0z6Dga~~3<
za!RA&heR^n50-c!BWmJ;FQ%&>1Lm?&>S1(=(aUva;-{lQ;f-aiU+g5n5QxCf><i$m
zROMnmz~i0`CGsiFTe#y-<wHa;^PmaZ!S~53(6C~&d4>xoCzdsJt#w)|YddKwtZGE6
zYdLO&ZMohK=e%IXY(Rd*iEO#yg?ghi+%OGMzCzmJ61t6s>SLvYF;<r2c%l2}<{5S&
z)=@4OwB^3r9r+uf4vc<&J2t9W8~7T#Jwp%mS{K!WX(O5N=zKr*n@fidTWL#}<AQ4H
zRNnqtI40URt`UBtnX@zK^>U_dj;}VG-gNd+p*bMMvoiH6Pi8cX$dIN@7ghE)5*)sl
zwqrHd2%jHM9avlzDM%tFdiF#Y_R1{scL$M?W*<Eu6Y^*7d$oZ^@7ro7cW_(6!Ro3D
zS#p9^e*r$(^75ZKMi3VXy--X$A65FJ<M`8!8RC#XXz(inB`RW+HJ0&#%$)5pkhNsH
zSYXdkjmBzKf~S<s*2nQ3WH+8~vm4I@CD&eHBKi|IuOjH?l6_v4@?+&|y0aVsR1Ol=
zLTHXC(YWoCxVL=Ol+|nH<bgb~-POKZ_<h%Ur*m}cAG;6T0K69_?cO{Wua{|#oPYm?
z`v=7tu0azK!D)M^RAN)9$<$>ss4%Mi+mTB_y5wdrhyn5=zhRB`uG<X#Qnx#;Hl`(m
zHay4K7#)A9#Gx82X*xL`H+r6Miv0~LPa4sPHqmP_EsOL$HOS3#zbOj}>fC>pN@I>W
z(9-i9Xin8-DR$RkrSO-!F`cv!iF%H+TI!UIcc3`(!e^oy27sB^CNwst;`dOTSJzpR
zZ)PurQI`>fy*d~@gsM&Xm*Zy<JYTGKe-isc-?8k9x%p8ST&?_W8Rplz;VWBe3mEhw
zYkzp{#{f4GaS$tjO3@*!zDL{UGNG})COIm-YF2D_dq}0lTiDn*PD4r@!U00tghZ($
zT<zgN?t9MAmyLk!YvHA%!b5pvo+ZYXv82a>cAhTS_dP5cYS(nJM{)F7E)s&c8^g<n
z@vm|A#>jdMD|@K_l3b}#fe+z;#29)ha=)8TmdWf$iR)h-`l8z#ii@^5&syqW=aw*#
z!ygN#GX_L{4x7nYtoE(FP>2oUCb6~z;D_?CLpU%}OKKGGox^|okeT^XRanx5p5%8b
z-Hc5*aec}r*%$qZiDsV-WGGY_KvBhnuI@3s^p7M|nzBJ{U@?>X`Yz0%!lOUYgUtbS
zv-3DC-2^Q`xSRU7*=k=79hLoXM}O}FXoRbnm6i<i_)HG5`z<cvJ`x)j{q}l6Zk}3N
zGVz)xO{0D{^3JpajEBK6tJ#2ci^%HcpD4~IoWSOe=S$BJ=B@Xy(MS9szq;K&O})Ix
zR<{<FG#EfsJ-wyS>lARX%V@7DcBBv3x&G<$X=z=z?Y@5W&U|f}*Qg&?pA(WkH&-`2
zbvKWl3UQ~px*BuEBq*8knIWe81<gnRz)S6On+<lj->V+sn^ev~0?9iem%6|08Zvo&
zKFvyj#ff-hwz-P+P-7P49KgrTTRd5KBKZ)`MiN8<`&=CFcKlFiY<J!_BA>Ha4sSxW
zQ?Kti9x17=@Y%G4QE%hVU;6-roE#V(E3W1#xPTP;IY|s}^Mma`I<sVTny*l+6O7N_
zn<T~;7N!ze2sVPb1B#(=kx3{4LMPe2^uGpq=KCCeDX#M^lFTwtE5vr(^4@=y&3vYC
zq|hjcgsr|vY?hhX<So_CbFVAjb1@nYjU#xpu2_zd%tDY>B_{3^@O!CB2@05Z3|w9n
zlROO&WV7!R!v;1my$p36dfZIEUTLtu1WvT`HD7mdU2)~IWNo_cb*@zNHIO2glcaN{
zZtrOPRcK2+a;h>AwW(^U@l|cj)B~G-$Bw7sDXzks6#V6;Qz~#J(k8Lomd!(){EAl5
zg-jbM!<xKe&=_MN<!gCVqf=&+<>LgV>I%dsw2HakXB6D!6S(Q-p)FpOF@E=h<=IBY
zGpZQ(nNGqpu=#e(nN7wsr?>Dad^>`ELG4IuveYV1FvKt|A<OOvT7@sYmv-${d%an-
zug{AQm;Jt#p*}EeQ<Y+2l#%>;m_@QfB|m)@zM+7cWVrrKH#Y~Is<9HJc|vIFsxyY!
z4q8^1ZqckI7)jEhp19Zs**LlE*}?N;+WCHTx8X)z=`(ndi{yM2BpzR+Q{8qq)w<0~
zeLnhq@6SHAT}u$x6SsuJh!-KJL%@3HG*N)Sr{pB`6$h+jFV?(woG~2jPj`_&Klz7^
z-p|bUg+jZ9N}78aZwbbC(eiaV|1N53fwVw{&B{#elCrle^fkZwZGgXRsG0QRdl~7}
zmWA&|+P$Jl-}5X;kq+j%-YO$oT<X{FR@aO`usu0Cv@T%fo1~Cu--V;D<-WfKEE5J+
z_!4R)9BPxA1vUpHoFdjM@Omj{`fqedAk-+_2ropAzZ}W>yAn}G1{rFz1vctPCt)!T
zvhz8H(q)Dae{go(^9qkQqM!}=8#QW?z^ds}H(98e?gz;#kia}!4m#?{tJU^jSh@=2
zT#Zwv<U_AUU>F$^)nGhEVwraGC4HrEvDX*f+(!rUQmwH$(cg=6a6Kse3{bc|^PJpv
zv~}LQYgVKXvtXD(i1RPRTvxk6v9xS7`a_>-l3&tms%gPyDIHBgy8>)rLrMQ!4+0P?
zeI0O3(|_ZJS{q5k5=CFQ4O+*qh<RT?(Q^d_|K<+-Gkb}C@pT>HA_#3}CP!o7;d<tJ
zI64r87O_79)(!`&gH(veHsvC4M4GF<s?1m8oo6LXV-l435VPMllz~@5X-xEB&}Fka
zG1unC7JzQd+e3VbAX2iBzmKc`ERi5<4lBc%BqbW};|59zxxf5Ufklb=D|{W)DuKAz
zn;<Y7xOGFkzj{9%jv<n2&X9a{1V_~ptPs4Kdh9I$-o@#8Z^_wftQysY_a~xSeetoV
z7qj}qc4XePqLDdB!-1fa4b-7|?ceZytcZfz>h+XVO`622;y~ScOA@?x=<rIVC2`vG
zvsp-iM9Q?ZFLRR%1Z~Axcj9g!QqI^rGj3jzc!bY{n>o)4<z4?VlJdC`vqch{3D0$b
zX7(jX<C;6foKB!S=YCG9IlAhQN<E&0YONj9S6q8N&5AE`0156MZPt&6O?0L{U!L{x
zXoQJ|o5lsy`_?P&A$xH!OY!ELlI3;E<VGi>!|#{JdB#TBL6N4%$)ohh*m9zB^|-a9
z-Hk%PdNs-W%&xPJ65eXBP6e7(owh~k7r~27hb%S8$CT|Q`R1{$(boQb>%t}VSCDO(
zH3by0hFZK>r~+x|ul?I|QuSV<18n>)cgiL2U^Xsr9&xKkBqW^!-<D{!EZPpa3==}M
zn3-~CuB^<CVnQK}43b*ctLeAV>Sp9a|0sIB#%)(AZHHzj+!W#3z|t+-0$^V#t@|$f
zm`Ba3c1ecapQnwl@1A%bpU0nBr-{R_;h&p0HJgb*l4syOCE!ku(uL_Xjh@r-d6_bp
zU=j#-<5TUJ`hImIeS-6g&N+RSjU`s{m8{sy$qh<!Fc3z|s>f5kGT4U_?+vj?7*XvF
zzqY8jg@>j#)ZYYP@l7v0K_`DH<=Gg&oMq@)!8eJ*1dhr6geWPXHYM_99-M)Jm+OyX
zR2OZU2juizD4&0rcD~%)JsN%*HK!L?VSpnPlmT#9LGps?J(tva|Mr>e8O54Lha=>L
zILetj&4A~_03-G$`FR+Znne+mVZ)$+MB_@#ROy?v-J<~)%DI)qla)ACT5+cy$q=Sp
zduS0SciRNZT5Bh$R<IluqxfZ<F(urYA|iYHB(>ado_LPiZGn|^KYSgu%2pD*c~Fns
zQ6IPyd{b+_9s$V_$07Vynsd_nl23F1DBFxFZ?a6rb}8m3H8vi?m>_qEmrFGgW<(Aq
z7^8p@yQYG=B&(m1H=taieu^?3nV33)F<aD=QkSC4OwgT)dlH6V(t!Ljc!q@w9mYf_
zFjbUFAcTncQ?bJ*oFI1wmg0R9Z%>|Ap_0U)Nnd_>Ojh4IcPT5W>jN#ez!O~*e!+$k
z$vL=wP+}JCTG?&5wi<o(WJp#?^u0jt79)vhFI%EhknnIEt8jq6yZCFrZt4autzwFk
z8ikf1$u3r(ef>b>m2E#1hvEP{{TPA<y=<84GzuMi0amGI2(7cIb2L2)d&TQQeDIr+
zqPap56-Dbdc%A=JW*aNZ6}rPtCx9ONq>n(DDMD#c;?D~G@jG$$Z(Lt8L;I}k7=+x%
z@59SGEIBR@F#HFaIjy<P&+g6oaSlGLSPQMv5y##h=#j{1Ct0z%)AaSCfW!(uLHDq?
z9to;#J!;qk*KvYX3*>3E+x-H<`;NV7V*p_`X-~v4X9!(#^%doi7&W%DgFs~=irjZA
zWQEO_etXdZhK=7_z4#D+QX;WzDd$gKETHTVaQ@^o0?-o9qQd~pHh#ovMFLJ?UB3DN
zG(URH5#8z24eU-s&21wXLxOvKigXhrQ>L2<gVEWw&WIN|+Gyk{3oIK-xjvl7=8Ojc
rj{905z!1rH)0ie{*<Kc)rAe}!=f(fiY4J7Z2NXZ-stl+c1n7SOc=rV}

literal 0
HcmV?d00001

diff --git a/test/assets/pypi_attestations-0.0.19.tar.gz.publish.attestation b/test/assets/pypi_attestations-0.0.19.tar.gz.publish.attestation
new file mode 100644
index 0000000..3d7e1e6
--- /dev/null
+++ b/test/assets/pypi_attestations-0.0.19.tar.gz.publish.attestation
@@ -0,0 +1 @@
+{"envelope":{"signature":"MEYCIQC+Yjc/GP2HATHRmlyN85BGBJdDgOWm/GVMDuoU6ESX/gIhAIyakdnRMW84PJVQJxpPp3zxwA9IdP64teBnkeFl71OH","statement":"eyJfdHlwZSI6Imh0dHBzOi8vaW4tdG90by5pby9TdGF0ZW1lbnQvdjEiLCJzdWJqZWN0IjpbeyJuYW1lIjoicHlwaV9hdHRlc3RhdGlvbnMtMC4wLjE5LnRhci5neiIsImRpZ2VzdCI6eyJzaGEyNTYiOiI5YmIxYWRkMDRiMWI0ZTE4MmJlNmIwYjgwOTMxNTkzZjdhMjkxZWI0OWQ2OWI0ZmQ3MjhhNWQ0Y2JjZGM0YmQzIn19XSwicHJlZGljYXRlVHlwZSI6Imh0dHBzOi8vZG9jcy5weXBpLm9yZy9hdHRlc3RhdGlvbnMvcHVibGlzaC92MSIsInByZWRpY2F0ZSI6bnVsbH0="},"verification_material":{"certificate":"MIIG/jCCBoSgAwIBAgIUB9+WbpxQR+oVugVlR2Qp01owfvEwCgYIKoZIzj0EAwMwNzEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MR4wHAYDVQQDExVzaWdzdG9yZS1pbnRlcm1lZGlhdGUwHhcNMjQxMjA0MjMxNDAxWhcNMjQxMjA0MjMyNDAxWjAAMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEga+LYX2vTD7c3fY1t/ppcVWnYsu4dJmLZgGlHTh3gdP10PGSxuOqfbMnW4PgkJNlbujG6D5XnNyVBiihXp/SEaOCBaMwggWfMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAzAdBgNVHQ4EFgQUJUX7ijmrEJ4ZgNxWVoJSi2JWKOcwHwYDVR0jBBgwFoAU39Ppz1YkEZb5qNjpKFWixi4YZD8wbgYDVR0RAQH/BGQwYoZgaHR0cHM6Ly9naXRodWIuY29tL3RyYWlsb2ZiaXRzL3B5cGktYXR0ZXN0YXRpb25zLy5naXRodWIvd29ya2Zsb3dzL3JlbGVhc2UueW1sQHJlZnMvdGFncy92MC4wLjE5MDkGCisGAQQBg78wAQEEK2h0dHBzOi8vdG9rZW4uYWN0aW9ucy5naXRodWJ1c2VyY29udGVudC5jb20wFQYKKwYBBAGDvzABAgQHcmVsZWFzZTA2BgorBgEEAYO/MAEDBCgwODgwMmVmZTFmOGU1ZmVjNGFkODQyZDZiOGNlOTc2NTYwOTJlZTcyMBUGCisGAQQBg78wAQQEB3JlbGVhc2UwKwYKKwYBBAGDvzABBQQddHJhaWxvZmJpdHMvcHlwaS1hdHRlc3RhdGlvbnMwHwYKKwYBBAGDvzABBgQRcmVmcy90YWdzL3YwLjAuMTkwOwYKKwYBBAGDvzABCAQtDCtodHRwczovL3Rva2VuLmFjdGlvbnMuZ2l0aHVidXNlcmNvbnRlbnQuY29tMHAGCisGAQQBg78wAQkEYgxgaHR0cHM6Ly9naXRodWIuY29tL3RyYWlsb2ZiaXRzL3B5cGktYXR0ZXN0YXRpb25zLy5naXRodWIvd29ya2Zsb3dzL3JlbGVhc2UueW1sQHJlZnMvdGFncy92MC4wLjE5MDgGCisGAQQBg78wAQoEKgwoMDg4MDJlZmUxZjhlNWZlYzRhZDg0MmQ2YjhjZTk3NjU2MDkyZWU3MjAdBgorBgEEAYO/MAELBA8MDWdpdGh1Yi1ob3N0ZWQwQAYKKwYBBAGDvzABDAQyDDBodHRwczovL2dpdGh1Yi5jb20vdHJhaWxvZmJpdHMvcHlwaS1hdHRlc3RhdGlvbnMwOAYKKwYBBAGDvzABDQQqDCgwODgwMmVmZTFmOGU1ZmVjNGFkODQyZDZiOGNlOTc2NTYwOTJlZTcyMCEGCisGAQQBg78wAQ4EEwwRcmVmcy90YWdzL3YwLjAuMTkwGQYKKwYBBAGDvzABDwQLDAk3NzIyNDc0MjMwLgYKKwYBBAGDvzABEAQgDB5odHRwczovL2dpdGh1Yi5jb20vdHJhaWxvZmJpdHMwFwYKKwYBBAGDvzABEQQJDAcyMzE0NDIzMHAGCisGAQQBg78wARIEYgxgaHR0cHM6Ly9naXRodWIuY29tL3RyYWlsb2ZiaXRzL3B5cGktYXR0ZXN0YXRpb25zLy5naXRodWIvd29ya2Zsb3dzL3JlbGVhc2UueW1sQHJlZnMvdGFncy92MC4wLjE5MDgGCisGAQQBg78wARMEKgwoMDg4MDJlZmUxZjhlNWZlYzRhZDg0MmQ2YjhjZTk3NjU2MDkyZWU3MjAXBgorBgEEAYO/MAEUBAkMB3JlbGVhc2UwZAYKKwYBBAGDvzABFQRWDFRodHRwczovL2dpdGh1Yi5jb20vdHJhaWxvZmJpdHMvcHlwaS1hdHRlc3RhdGlvbnMvYWN0aW9ucy9ydW5zLzEyMTY5OTg5Nzg3L2F0dGVtcHRzLzEwFgYKKwYBBAGDvzABFgQIDAZwdWJsaWMwgYoGCisGAQQB1nkCBAIEfAR6AHgAdgDdPTBqxscRMmMZHhyZZzcCokpeuN48rf+HinKALynujgAAAZOT87EeAAAEAwBHMEUCIQDT5XCp5Zk2YLgHSwKh7T13nBcpaEkqSA9FENdlc79RWgIgKhBG+Wxyj/J1Y871dOuuGFl++LhPrZPa3SVnOSgWn10wCgYIKoZIzj0EAwMDaAAwZQIxAJKeTgj+ghc3peD01ARd9aIVsEpDGdbOazKA2uaQNvSLOuduyJkLlNUNKN8QaNwpsQIwTpZ64vtjwC2SZAqb21Bn4qV7tLBJmIWx1lUe0QlVyix1180TkCZ0BVcfoD4xICKI","transparency_entries":[{"canonicalizedBody":"eyJhcGlWZXJzaW9uIjoiMC4wLjEiLCJraW5kIjoiZHNzZSIsInNwZWMiOnsiZW52ZWxvcGVIYXNoIjp7ImFsZ29yaXRobSI6InNoYTI1NiIsInZhbHVlIjoiZWFjNTY1OWQ4NDZhMTYxMzdhNDFiMzQxM2E5MTE4ZjFiODYxNDFhNmJiMWIxNTRhYWZhNWZhNGY2NTJjYWM0NCJ9LCJwYXlsb2FkSGFzaCI6eyJhbGdvcml0aG0iOiJzaGEyNTYiLCJ2YWx1ZSI6ImY5NzkwZThhODdkMDE4OThkMDBkMmNlMWNhNmNlNDJiZmM2Y2U1OWZhYWEzMWJhYTBhYjY0MDY0YTY5NjgwMDAifSwic2lnbmF0dXJlcyI6W3sic2lnbmF0dXJlIjoiTUVZQ0lRQytZamMvR1AySEFUSFJtbHlOODVCR0JKZERnT1dtL0dWTUR1b1U2RVNYL2dJaEFJeWFrZG5STVc4NFBKVlFKeHBQcDN6eHdBOUlkUDY0dGVCbmtlRmw3MU9IIiwidmVyaWZpZXIiOiJMUzB0TFMxQ1JVZEpUaUJEUlZKVVNVWkpRMEZVUlMwdExTMHRDazFKU1VjdmFrTkRRbTlUWjBGM1NVSkJaMGxWUWprclYySndlRkZTSzI5V2RXZFdiRkl5VVhBd01XOTNablpGZDBObldVbExiMXBKZW1vd1JVRjNUWGNLVG5wRlZrMUNUVWRCTVZWRlEyaE5UV015Ykc1ak0xSjJZMjFWZFZwSFZqSk5ValIzU0VGWlJGWlJVVVJGZUZaNllWZGtlbVJIT1hsYVV6RndZbTVTYkFwamJURnNXa2RzYUdSSFZYZElhR05PVFdwUmVFMXFRVEJOYWsxNFRrUkJlRmRvWTA1TmFsRjRUV3BCTUUxcVRYbE9SRUY0VjJwQlFVMUdhM2RGZDFsSUNrdHZXa2w2YWpCRFFWRlpTVXR2V2tsNmFqQkVRVkZqUkZGblFVVm5ZU3RNV1ZneWRsUkVOMk16WmxreGRDOXdjR05XVjI1WmMzVTBaRXB0VEZwblIyd0tTRlJvTTJka1VERXdVRWRUZUhWUGNXWmlUVzVYTkZCbmEwcE9iR0oxYWtjMlJEVlliazU1VmtKcGFXaFljQzlUUldGUFEwSmhUWGRuWjFkbVRVRTBSd3BCTVZWa1JIZEZRaTkzVVVWQmQwbElaMFJCVkVKblRsWklVMVZGUkVSQlMwSm5aM0pDWjBWR1FsRmpSRUY2UVdSQ1owNVdTRkUwUlVablVWVktWVmczQ21scWJYSkZTalJhWjA1NFYxWnZTbE5wTWtwWFMwOWpkMGgzV1VSV1VqQnFRa0puZDBadlFWVXpPVkJ3ZWpGWmEwVmFZalZ4VG1wd1MwWlhhWGhwTkZrS1drUTRkMkpuV1VSV1VqQlNRVkZJTDBKSFVYZFpiMXBuWVVoU01HTklUVFpNZVRsdVlWaFNiMlJYU1hWWk1qbDBURE5TZVZsWGJITmlNbHBwWVZoU2VncE1NMEkxWTBkcmRGbFlVakJhV0U0d1dWaFNjR0l5TlhwTWVUVnVZVmhTYjJSWFNYWmtNamw1WVRKYWMySXpaSHBNTTBwc1lrZFdhR015VlhWbFZ6RnpDbEZJU214YWJrMTJaRWRHYm1ONU9USk5RelIzVEdwRk5VMUVhMGREYVhOSFFWRlJRbWMzT0hkQlVVVkZTekpvTUdSSVFucFBhVGgyWkVjNWNscFhOSFVLV1ZkT01HRlhPWFZqZVRWdVlWaFNiMlJYU2pGak1sWjVXVEk1ZFdSSFZuVmtRelZxWWpJd2QwWlJXVXRMZDFsQ1FrRkhSSFo2UVVKQloxRklZMjFXY3dwYVYwWjZXbFJCTWtKbmIzSkNaMFZGUVZsUEwwMUJSVVJDUTJkM1QwUm5kMDF0Vm0xYVZFWnRUMGRWTVZwdFZtcE9SMFpyVDBSUmVWcEVXbWxQUjA1c0NrOVVZekpPVkZsM1QxUktiRnBVWTNsTlFsVkhRMmx6UjBGUlVVSm5OemgzUVZGUlJVSXpTbXhpUjFab1l6SlZkMHQzV1V0TGQxbENRa0ZIUkhaNlFVSUtRbEZSWkdSSVNtaGhWM2gyV20xS2NHUklUWFpqU0d4M1lWTXhhR1JJVW14ak0xSm9aRWRzZG1KdVRYZElkMWxMUzNkWlFrSkJSMFIyZWtGQ1FtZFJVZ3BqYlZadFkzazVNRmxYWkhwTU0xbDNUR3BCZFUxVWEzZFBkMWxMUzNkWlFrSkJSMFIyZWtGQ1EwRlJkRVJEZEc5a1NGSjNZM3B2ZGt3elVuWmhNbFoxQ2t4dFJtcGtSMngyWW01TmRWb3liREJoU0ZacFpGaE9iR050VG5aaWJsSnNZbTVSZFZreU9YUk5TRUZIUTJselIwRlJVVUpuTnpoM1FWRnJSVmxuZUdjS1lVaFNNR05JVFRaTWVUbHVZVmhTYjJSWFNYVlpNamwwVEROU2VWbFhiSE5pTWxwcFlWaFNla3d6UWpWalIydDBXVmhTTUZwWVRqQlpXRkp3WWpJMWVncE1lVFZ1WVZoU2IyUlhTWFprTWpsNVlUSmFjMkl6WkhwTU0wcHNZa2RXYUdNeVZYVmxWekZ6VVVoS2JGcHVUWFprUjBadVkzazVNazFETkhkTWFrVTFDazFFWjBkRGFYTkhRVkZSUW1jM09IZEJVVzlGUzJkM2IwMUVaelJOUkVwc1dtMVZlRnBxYUd4T1YxcHNXWHBTYUZwRVp6Qk5iVkV5V1dwb2FscFVhek1LVG1wVk1rMUVhM2xhVjFVelRXcEJaRUpuYjNKQ1owVkZRVmxQTDAxQlJVeENRVGhOUkZka2NHUkhhREZaYVRGdllqTk9NRnBYVVhkUlFWbExTM2RaUWdwQ1FVZEVkbnBCUWtSQlVYbEVSRUp2WkVoU2QyTjZiM1pNTW1Sd1pFZG9NVmxwTldwaU1qQjJaRWhLYUdGWGVIWmFiVXB3WkVoTmRtTkliSGRoVXpGb0NtUklVbXhqTTFKb1pFZHNkbUp1VFhkUFFWbExTM2RaUWtKQlIwUjJla0ZDUkZGUmNVUkRaM2RQUkdkM1RXMVdiVnBVUm0xUFIxVXhXbTFXYWs1SFJtc0tUMFJSZVZwRVdtbFBSMDVzVDFSak1rNVVXWGRQVkVwc1dsUmplVTFEUlVkRGFYTkhRVkZSUW1jM09IZEJVVFJGUlhkM1VtTnRWbTFqZVRrd1dWZGtlZ3BNTTFsM1RHcEJkVTFVYTNkSFVWbExTM2RaUWtKQlIwUjJla0ZDUkhkUlRFUkJhek5PZWtsNVRrUmpNRTFxVFhkTVoxbExTM2RaUWtKQlIwUjJla0ZDQ2tWQlVXZEVRalZ2WkVoU2QyTjZiM1pNTW1Sd1pFZG9NVmxwTldwaU1qQjJaRWhLYUdGWGVIWmFiVXB3WkVoTmQwWjNXVXRMZDFsQ1FrRkhSSFo2UVVJS1JWRlJTa1JCWTNsTmVrVXdUa1JKZWsxSVFVZERhWE5IUVZGUlFtYzNPSGRCVWtsRldXZDRaMkZJVWpCalNFMDJUSGs1Ym1GWVVtOWtWMGwxV1RJNWRBcE1NMUo1V1Zkc2MySXlXbWxoV0ZKNlRETkNOV05IYTNSWldGSXdXbGhPTUZsWVVuQmlNalY2VEhrMWJtRllVbTlrVjBsMlpESTVlV0V5V25OaU0yUjZDa3d6U214aVIxWm9ZekpWZFdWWE1YTlJTRXBzV201TmRtUkhSbTVqZVRreVRVTTBkMHhxUlRWTlJHZEhRMmx6UjBGUlVVSm5OemgzUVZKTlJVdG5kMjhLVFVSbk5FMUVTbXhhYlZWNFdtcG9iRTVYV214WmVsSm9Xa1JuTUUxdFVUSlphbWhxV2xSck0wNXFWVEpOUkd0NVdsZFZNMDFxUVZoQ1oyOXlRbWRGUlFwQldVOHZUVUZGVlVKQmEwMUNNMHBzWWtkV2FHTXlWWGRhUVZsTFMzZFpRa0pCUjBSMmVrRkNSbEZTVjBSR1VtOWtTRkozWTNwdmRrd3laSEJrUjJneENsbHBOV3BpTWpCMlpFaEthR0ZYZUhaYWJVcHdaRWhOZG1OSWJIZGhVekZvWkVoU2JHTXpVbWhrUjJ4MlltNU5kbGxYVGpCaFZ6bDFZM2s1ZVdSWE5Yb0tUSHBGZVUxVVdUVlBWR2MxVG5wbk0wd3lSakJrUjFaMFkwaFNla3g2UlhkR1oxbExTM2RaUWtKQlIwUjJla0ZDUm1kUlNVUkJXbmRrVjBwellWZE5kd3BuV1c5SFEybHpSMEZSVVVJeGJtdERRa0ZKUldaQlVqWkJTR2RCWkdkRVpGQlVRbkY0YzJOU1RXMU5Xa2hvZVZwYWVtTkRiMnR3WlhWT05EaHlaaXRJQ21sdVMwRk1lVzUxYW1kQlFVRmFUMVE0TjBWbFFVRkJSVUYzUWtoTlJWVkRTVkZFVkRWWVEzQTFXbXN5V1V4blNGTjNTMmczVkRFemJrSmpjR0ZGYTNFS1UwRTVSa1ZPWkd4ak56bFNWMmRKWjB0b1FrY3JWM2g1YWk5S01WazROekZrVDNWMVIwWnNLeXRNYUZCeVdsQmhNMU5XYms5VFoxZHVNVEIzUTJkWlNRcExiMXBKZW1vd1JVRjNUVVJoUVVGM1dsRkplRUZLUzJWVVoyb3JaMmhqTTNCbFJEQXhRVkprT1dGSlZuTkZjRVJIWkdKUFlYcExRVEoxWVZGT2RsTk1DazkxWkhWNVNtdE1iRTVWVGt0T09GRmhUbmR3YzFGSmQxUndXalkwZG5ScWQwTXlVMXBCY1dJeU1VSnVOSEZXTjNSTVFrcHRTVmQ0TVd4VlpUQlJiRllLZVdsNE1URTRNRlJyUTFvd1FsWmpabTlFTkhoSlEwdEpDaTB0TFMwdFJVNUVJRU5GVWxSSlJrbERRVlJGTFMwdExTMEsifV19fQ==","inclusionPromise":{"signedEntryTimestamp":"MEQCIBCltBioLJc+JvwwmgQ1BYgIOE5RTG+4e7X3zQRGa6ZHAiA46xAH8obqC29dw2T8gwyllNzqr2tfG8iMWLnFKuIORQ=="},"inclusionProof":{"checkpoint":{"envelope":"rekor.sigstore.dev - 1193050959916656506\n31550402\ny0mvJokg0K9X78/zSkzLfaoYE1EUnA0l4CTQQXV1g4o=\n\n— rekor.sigstore.dev wNI9ajBFAiBegciq2ELY5ENvqNVWFm9cEfG5dKBwBegOEaoDVWLdVwIhAJAOwu2VWIQojdyGzsV/t4MRCOkduH9SVKL8yoK9qMc2\n"},"hashes":["Ys0Xl1UkpNskWt6zZj4IF0V4C0hQnG2rcYT7yITCgxs=","SZr1mNOrcyCB9fdcJOMiVFgh1vv3F1JOn4Iro9CbeI0=","PcaivMMXf/sp7holRDnainZ7CqkhfGbumRzqHBLORyo=","QmGjL5m3QfWxTeS1DSKdcZi1Cb/kXHez6zUQJFM+6No=","RzzP82vxkFlwbK42drRrLKdQO7cU4TutI9RH4GZWqmc=","T180VQg42xooybP3Nj9QuoOWlDWbbaQ4n4S2wWmwsSc=","hABDIJpRLjWOq3nQy0+WmZvudV2qvqHNysU41bEne1Q=","pDqPuFyZgsegAtT2zcnZSet9YAZExTulHeEunQ5/LRg=","Q+viUQ+8PPr3Ck1WOMcjETEmAMGVbNDvGlSy6G/aFAI=","R7hO1X+KgSw8Oojd8i2+G3BzBYztkRBE6LpYSXPg33U=","oOecFfN3YqDOkbijS/ej1WF5Da/Gt/AZNhbwE9uoOE8=","4lUF0YOu9XkIDXKXA0wMSzd6VeDY3TZAgmoOeWmS2+Y=","gf+9m552B3PnkWnO0o4KdVvjcT3WVHLrCbf1DoVYKFw="],"logIndex":"31550401","rootHash":"y0mvJokg0K9X78/zSkzLfaoYE1EUnA0l4CTQQXV1g4o=","treeSize":"31550402"},"integratedTime":"1733354041","kindVersion":{"kind":"dsse","version":"0.0.1"},"logId":{"keyId":"wNI9atQGlz+VWfO6LRygH4QUfY/8W4RFwiT5i5WRgB0="},"logIndex":"153454663"}]},"version":1}
diff --git a/test/test_cli.py b/test/test_cli.py
index d7a84d4..a224fbe 100644
--- a/test/test_cli.py
+++ b/test/test_cli.py
@@ -30,8 +30,9 @@
 _HERE = Path(__file__).parent
 _ASSETS = _HERE / "assets"
 
-artifact_path = _ASSETS / "rfc8785-0.1.2-py3-none-any.whl"
-attestation_path = _ASSETS / "rfc8785-0.1.2-py3-none-any.whl.publish.attestation"
+artifact_path = _ASSETS / "pypi_attestations-0.0.19.tar.gz"
+publish_attestation_identity = "https://github.com/trailofbits/pypi-attestations/.github/workflows/release.yml@refs/tags/v0.0.19"
+publish_attestation_path = _ASSETS / "pypi_attestations-0.0.19.tar.gz.publish.attestation"
 
 pypi_wheel_url = "https://files.pythonhosted.org/packages/70/f5/324edb6a802438e97e289992a41f81bb7a58a1cda2e49439e7e48896649e/sigstore-3.6.1-py3-none-any.whl"
 pypi_sdist_url = "https://files.pythonhosted.org/packages/db/89/b982115aabe1068fd581d83d2a0b26b78e1e7ce6184e75003d173e15c0b3/sigstore-3.6.1.tar.gz"
@@ -83,7 +84,7 @@ def return_invalid_token() -> str:
 @online
 def test_sign_command(tmp_path: Path) -> None:
     # Happy path
-    copied_artifact = tmp_path / artifact_path.with_suffix(".copy.whl").name
+    copied_artifact = tmp_path / artifact_path.name
     shutil.copy(artifact_path, copied_artifact)
 
     run_main_with_command(
@@ -172,7 +173,7 @@ def test_sign_fail_to_sign(
     monkeypatch: pytest.MonkeyPatch, caplog: pytest.LogCaptureFixture, tmp_path: Path
 ) -> None:
     monkeypatch.setattr(pypi_attestations._cli, "Attestation", stub(sign=raiser(AttestationError)))
-    copied_artifact = tmp_path / artifact_path.with_suffix(".copy.whl").name
+    copied_artifact = tmp_path / artifact_path.name
     shutil.copy(artifact_path, copied_artifact)
 
     with pytest.raises(SystemExit):
@@ -183,11 +184,11 @@ def test_sign_fail_to_sign(
 
 def test_inspect_command(caplog: pytest.LogCaptureFixture) -> None:
     # Happy path
-    run_main_with_command(["inspect", attestation_path.as_posix()])
-    assert attestation_path.as_posix() in caplog.text
+    run_main_with_command(["inspect", publish_attestation_path.as_posix()])
+    assert publish_attestation_path.as_posix() in caplog.text
     assert "CN=sigstore-intermediate,O=sigstore.dev" in caplog.text
 
-    run_main_with_command(["inspect", "--dump-bytes", attestation_path.as_posix()])
+    run_main_with_command(["inspect", "--dump-bytes", publish_attestation_path.as_posix()])
     assert "Signature:" in caplog.text
 
     # Failure paths
@@ -217,13 +218,12 @@ def test_verify_attestation_command(caplog: pytest.LogCaptureFixture) -> None:
         [
             "verify",
             "attestation",
-            "--staging",
             "--identity",
-            "william@yossarian.net",
+            publish_attestation_identity,
             artifact_path.as_posix(),
         ]
     )
-    assert f"OK: {attestation_path.as_posix()}" in caplog.text
+    assert f"OK: {publish_attestation_path.as_posix()}" in caplog.text
 
     caplog.clear()
 
@@ -233,8 +233,9 @@ def test_verify_attestation_command(caplog: pytest.LogCaptureFixture) -> None:
             [
                 "verify",
                 "attestation",
+                "--staging",
                 "--identity",
-                "william@yossarian.net",
+                publish_attestation_identity,
                 artifact_path.as_posix(),
             ]
         )
@@ -256,9 +257,8 @@ def test_verify_attestation_invalid_attestation(caplog: pytest.LogCaptureFixture
                 [
                     "verify",
                     "attestation",
-                    "--staging",
                     "--identity",
-                    "william@yossarian.net",
+                    publish_attestation_identity,
                     fake_package_name.as_posix(),
                 ]
             )
@@ -272,9 +272,8 @@ def test_verify_attestation_missing_artifact(caplog: pytest.LogCaptureFixture) -
             [
                 "verify",
                 "attestation",
-                "--staging",
                 "--identity",
-                "william@yossarian.net",
+                publish_attestation_identity,
                 "not_a_file.txt",
             ]
         )
@@ -290,9 +289,8 @@ def test_verify_attestation_missing_attestation(caplog: pytest.LogCaptureFixture
                 [
                     "verify",
                     "attestation",
-                    "--staging",
                     "--identity",
-                    "william@yossarian.net",
+                    publish_attestation_identity,
                     f.name,
                 ]
             )
@@ -306,16 +304,15 @@ def test_verify_attestation_invalid_artifact(
     copied_artifact = tmp_path / artifact_path.with_suffix(".whl2").name
     shutil.copy(artifact_path, copied_artifact)
     copied_attestation = tmp_path / artifact_path.with_suffix(".whl2.publish.attestation").name
-    shutil.copy(attestation_path, copied_attestation)
+    shutil.copy(publish_attestation_path, copied_attestation)
 
     with pytest.raises(SystemExit):
         run_main_with_command(
             [
                 "verify",
                 "attestation",
-                "--staging",
                 "--identity",
-                "william@yossarian.net",
+                publish_attestation_identity,
                 copied_artifact.as_posix(),
             ]
         )

From 5e585e98541587592d09b3711f94b32c00c19484 Mon Sep 17 00:00:00 2001
From: Facundo Tuesca <facundo.tuesca@trailofbits.com>
Date: Tue, 14 Jan 2025 22:53:40 +0100
Subject: [PATCH 2/2] cli: support verifying slsa attestations

Signed-off-by: Facundo Tuesca <facundo.tuesca@trailofbits.com>
---
 CHANGELOG.md                                  |  7 +++
 README.md                                     | 14 ++----
 src/pypi_attestations/_cli.py                 | 50 ++++++++++---------
 ...ttestations-0.0.19.tar.gz.slsa.attestation |  1 +
 test/test_cli.py                              |  4 +-
 5 files changed, 40 insertions(+), 36 deletions(-)
 create mode 100644 test/assets/pypi_attestations-0.0.19.tar.gz.slsa.attestation

diff --git a/CHANGELOG.md b/CHANGELOG.md
index af9600d..a8c194b 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -7,6 +7,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+### Added
+
+- The CLI subcommand `verify attestation` now supports `.slsa.attestation`
+  files. When verifying an artifact, both `.publish.attestation` and
+  `.slsa.attestation` files are used (if present).
+
 ## [0.0.21]
 
 ### Changed
@@ -18,6 +24,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
   ([#82](https://github.com/trailofbits/pypi-attestations/pull/82))
 
 ### Added
+
 - The CLI has a new subcommand `verify pypi`, which takes a URL to a
   PyPI distribution (either a wheel or a source distribution) and a
   GitHub/GitLab repository. The command verifies the distribution by
diff --git a/README.md b/README.md
index 84a171f..432137a 100644
--- a/README.md
+++ b/README.md
@@ -134,20 +134,12 @@ pypi-attestations inspect dist/pypi_attestations-*.whl.publish.attestation
 
 ### Verifying a PEP 740 Attestation
 
-> [!NOTE]
-> The example below uses an email with `--identity`, but actual PyPI
-> attestations will be signed with a machine identity corresponding to the
-> workflow that generated the attestation. The format of that identity
-
 ```bash
-pypi-attestations verify attestation --staging \
-  --identity william@yossarian.net \
-  test/assets/rfc8785-0.1.2-py3-none-any.whl
+pypi-attestations verify attestation  \
+  --identity https://github.com/trailofbits/pypi-attestations/.github/workflows/release.yml@refs/tags/v0.0.19 \
+  test/assets/pypi_attestations-0.0.19.tar.gz
 ```
 
-The attestation present in the test has been generated using the staging
-environment of Sigstore and signed by the identity `william@yossarian.net`.
-
 ### Verifying a PyPI package
 > [!NOTE]
 > The URL must be a direct link to the distribution artifact hosted by PyPI.
diff --git a/src/pypi_attestations/_cli.py b/src/pypi_attestations/_cli.py
index ebc389b..dccb4a3 100644
--- a/src/pypi_attestations/_cli.py
+++ b/src/pypi_attestations/_cli.py
@@ -6,6 +6,7 @@
 import json
 import logging
 import typing
+from collections import defaultdict
 from pathlib import Path
 from tempfile import TemporaryDirectory
 
@@ -385,35 +386,36 @@ def _verify_attestation(args: argparse.Namespace) -> None:
     """Verify the files passed as argument."""
     pol = policy.Identity(identity=args.identity)
 
-    # Validate that both the attestations and files exist
+    # Validate that the files exist
     _validate_files(args.files, should_exist=True)
-    _validate_files(
-        (Path(f"{file_path}.publish.attestation") for file_path in args.files),
-        should_exist=True,
-    )
-
-    inputs: list[Path] = []
-    for file_path in args.files:
-        inputs.append(file_path)
 
-    for input in inputs:
-        attestation_path = Path(f"{input}.publish.attestation")
-        try:
-            attestation = Attestation.model_validate_json(attestation_path.read_text())
-        except ValidationError as validation_error:
-            _die(f"Invalid attestation ({attestation_path}): {validation_error}")
+    # artifact -> [attestation1, attestation2, ...]
+    files_with_attestations: dict[Path, list[Path]] = defaultdict(list)
+    for f in args.files:
+        for attestation_file in (Path(f"{f}.publish.attestation"), Path(f"{f}.slsa.attestation")):
+            if attestation_file.exists():
+                files_with_attestations[f].append(attestation_file)
+        if not files_with_attestations[f]:
+            _die(f"Couldn't find attestations for file {f}")
+
+    for file_path, attestations in files_with_attestations.items():
+        for attestation_path in attestations:
+            try:
+                attestation = Attestation.model_validate_json(attestation_path.read_text())
+            except ValidationError as validation_error:
+                _die(f"Invalid attestation ({attestation_path}): {validation_error}")
 
-        try:
-            dist = Distribution.from_file(input)
-        except ValidationError as e:
-            _die(f"Invalid Python package distribution: {e}")
+            try:
+                dist = Distribution.from_file(file_path)
+            except ValidationError as e:
+                _die(f"Invalid Python package distribution: {e}")
 
-        try:
-            attestation.verify(pol, dist, staging=args.staging)
-        except VerificationError as verification_error:
-            _die(f"Verification failed for {input}: {verification_error}")
+            try:
+                attestation.verify(pol, dist, staging=args.staging)
+            except VerificationError as verification_error:
+                _die(f"Verification failed for {file_path}: {verification_error}")
 
-        _logger.info(f"OK: {attestation_path}")
+            _logger.info(f"OK: {attestation_path}")
 
 
 def _verify_pypi(args: argparse.Namespace) -> None:
diff --git a/test/assets/pypi_attestations-0.0.19.tar.gz.slsa.attestation b/test/assets/pypi_attestations-0.0.19.tar.gz.slsa.attestation
new file mode 100644
index 0000000..a4a4b96
--- /dev/null
+++ b/test/assets/pypi_attestations-0.0.19.tar.gz.slsa.attestation
@@ -0,0 +1 @@
+{"version":1,"verification_material":{"certificate":"MIIG/jCCBoWgAwIBAgIUadewWowQ+uzhwatzNyNwu6sfgaEwCgYIKoZIzj0EAwMwNzEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MR4wHAYDVQQDExVzaWdzdG9yZS1pbnRlcm1lZGlhdGUwHhcNMjQxMjA0MjMxMzQ2WhcNMjQxMjA0MjMyMzQ2WjAAMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEBT7zGTbMjn2FoUPtqMpOTTwS2fc5tx7JhxVSImQZ/3V8CgxGXK7UaUZtG9o0YACzwxLKcueE0wgs8VZGx2m5kaOCBaQwggWgMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAzAdBgNVHQ4EFgQU15ujK9pyn+vXWnwD2c6KejdM4l8wHwYDVR0jBBgwFoAU39Ppz1YkEZb5qNjpKFWixi4YZD8wbgYDVR0RAQH/BGQwYoZgaHR0cHM6Ly9naXRodWIuY29tL3RyYWlsb2ZiaXRzL3B5cGktYXR0ZXN0YXRpb25zLy5naXRodWIvd29ya2Zsb3dzL3JlbGVhc2UueW1sQHJlZnMvdGFncy92MC4wLjE5MDkGCisGAQQBg78wAQEEK2h0dHBzOi8vdG9rZW4uYWN0aW9ucy5naXRodWJ1c2VyY29udGVudC5jb20wFQYKKwYBBAGDvzABAgQHcmVsZWFzZTA2BgorBgEEAYO/MAEDBCgwODgwMmVmZTFmOGU1ZmVjNGFkODQyZDZiOGNlOTc2NTYwOTJlZTcyMBUGCisGAQQBg78wAQQEB3JlbGVhc2UwKwYKKwYBBAGDvzABBQQddHJhaWxvZmJpdHMvcHlwaS1hdHRlc3RhdGlvbnMwHwYKKwYBBAGDvzABBgQRcmVmcy90YWdzL3YwLjAuMTkwOwYKKwYBBAGDvzABCAQtDCtodHRwczovL3Rva2VuLmFjdGlvbnMuZ2l0aHVidXNlcmNvbnRlbnQuY29tMHAGCisGAQQBg78wAQkEYgxgaHR0cHM6Ly9naXRodWIuY29tL3RyYWlsb2ZiaXRzL3B5cGktYXR0ZXN0YXRpb25zLy5naXRodWIvd29ya2Zsb3dzL3JlbGVhc2UueW1sQHJlZnMvdGFncy92MC4wLjE5MDgGCisGAQQBg78wAQoEKgwoMDg4MDJlZmUxZjhlNWZlYzRhZDg0MmQ2YjhjZTk3NjU2MDkyZWU3MjAdBgorBgEEAYO/MAELBA8MDWdpdGh1Yi1ob3N0ZWQwQAYKKwYBBAGDvzABDAQyDDBodHRwczovL2dpdGh1Yi5jb20vdHJhaWxvZmJpdHMvcHlwaS1hdHRlc3RhdGlvbnMwOAYKKwYBBAGDvzABDQQqDCgwODgwMmVmZTFmOGU1ZmVjNGFkODQyZDZiOGNlOTc2NTYwOTJlZTcyMCEGCisGAQQBg78wAQ4EEwwRcmVmcy90YWdzL3YwLjAuMTkwGQYKKwYBBAGDvzABDwQLDAk3NzIyNDc0MjMwLgYKKwYBBAGDvzABEAQgDB5odHRwczovL2dpdGh1Yi5jb20vdHJhaWxvZmJpdHMwFwYKKwYBBAGDvzABEQQJDAcyMzE0NDIzMHAGCisGAQQBg78wARIEYgxgaHR0cHM6Ly9naXRodWIuY29tL3RyYWlsb2ZiaXRzL3B5cGktYXR0ZXN0YXRpb25zLy5naXRodWIvd29ya2Zsb3dzL3JlbGVhc2UueW1sQHJlZnMvdGFncy92MC4wLjE5MDgGCisGAQQBg78wARMEKgwoMDg4MDJlZmUxZjhlNWZlYzRhZDg0MmQ2YjhjZTk3NjU2MDkyZWU3MjAXBgorBgEEAYO/MAEUBAkMB3JlbGVhc2UwZAYKKwYBBAGDvzABFQRWDFRodHRwczovL2dpdGh1Yi5jb20vdHJhaWxvZmJpdHMvcHlwaS1hdHRlc3RhdGlvbnMvYWN0aW9ucy9ydW5zLzEyMTY5OTg5Nzg3L2F0dGVtcHRzLzEwFgYKKwYBBAGDvzABFgQIDAZwdWJsaWMwgYsGCisGAQQB1nkCBAIEfQR7AHkAdwDdPTBqxscRMmMZHhyZZzcCokpeuN48rf+HinKALynujgAAAZOT83R+AAAEAwBIMEYCIQC0Kd2TxQr+XARU9xumyXKYhaJKqgGn2Pp4IfiWZJE5zAIhAP9YENWSE3IoLFlnpCYdEts8bRHQyfDbII8/5ZIafXI7MAoGCCqGSM49BAMDA2cAMGQCMG2dTlWaNiDoEyhW9CgBXk9Tw6UoMULill2oG0z7+G6NY0NVYT8sGBxcjt0WN04pJQIwTfLv+Q0uFe5VxGoMmyaIuvCcTk0LZEnOx8rbm9uWx1mAOCpoG3IUo5so+r8CiBvw","transparency_entries":[{"logIndex":"153454647","logId":{"keyId":"wNI9atQGlz+VWfO6LRygH4QUfY/8W4RFwiT5i5WRgB0="},"kindVersion":{"kind":"dsse","version":"0.0.1"},"integratedTime":"1733354026","inclusionPromise":{"signedEntryTimestamp":"MEQCIBZa0QFH2bQdHPVzDuXB3wD9xhD5+bSRkcnKwUJlvSimAiAnVBlHJ6C2kjCxlRaWEnRKFPnfT7bQdPOX4zlvin4qhg=="},"inclusionProof":{"logIndex":"31550385","rootHash":"n8apOsmrZJCWBvMSN7+1QZUx/1bAIyrkU1yA7ALI/OE=","treeSize":"31550386","hashes":["oRU9kC1iRU4CSImgvF5RGA5TrN/6o2RlJmwefuaHUL8=","lfWdMc8jC01GhVso+yFbpu0d/1vRWE7UTNm8eeYlHs8=","ilx1qUMsKu7l7vLXMVVej9m7N5HaZyyvWli0IVr1hfA=","PcaivMMXf/sp7holRDnainZ7CqkhfGbumRzqHBLORyo=","QmGjL5m3QfWxTeS1DSKdcZi1Cb/kXHez6zUQJFM+6No=","RzzP82vxkFlwbK42drRrLKdQO7cU4TutI9RH4GZWqmc=","T180VQg42xooybP3Nj9QuoOWlDWbbaQ4n4S2wWmwsSc=","hABDIJpRLjWOq3nQy0+WmZvudV2qvqHNysU41bEne1Q=","pDqPuFyZgsegAtT2zcnZSet9YAZExTulHeEunQ5/LRg=","Q+viUQ+8PPr3Ck1WOMcjETEmAMGVbNDvGlSy6G/aFAI=","R7hO1X+KgSw8Oojd8i2+G3BzBYztkRBE6LpYSXPg33U=","oOecFfN3YqDOkbijS/ej1WF5Da/Gt/AZNhbwE9uoOE8=","4lUF0YOu9XkIDXKXA0wMSzd6VeDY3TZAgmoOeWmS2+Y=","gf+9m552B3PnkWnO0o4KdVvjcT3WVHLrCbf1DoVYKFw="],"checkpoint":{"envelope":"rekor.sigstore.dev - 1193050959916656506\n31550386\nn8apOsmrZJCWBvMSN7+1QZUx/1bAIyrkU1yA7ALI/OE=\n\n— rekor.sigstore.dev wNI9ajBGAiEAkx5uYofu324HAjvOQPiR2KIJIri6xssROT/uyvTut90CIQCMGpM2mVwa3U5+jYEXGE4uaCqaJ+nbWK4STjZAc//+kQ==\n"}},"canonicalizedBody":"eyJhcGlWZXJzaW9uIjoiMC4wLjEiLCJraW5kIjoiZHNzZSIsInNwZWMiOnsiZW52ZWxvcGVIYXNoIjp7ImFsZ29yaXRobSI6InNoYTI1NiIsInZhbHVlIjoiODJhZThhMDBlNjc1ZjE0ODk1MGNlZGNmODMyM2FiN2MzZjc3ZGU0NDMwNzZlZDdmODA4MDc1NzA3MDFhYWQzNiJ9LCJwYXlsb2FkSGFzaCI6eyJhbGdvcml0aG0iOiJzaGEyNTYiLCJ2YWx1ZSI6Ijg3ZDgyOTQ4N2JjNjlhNzhlZDQxZWY0ZDY0Nzk4Y2U1NzI4YjQ1ZmY4MTI0Mzg0M2Y3ZjY1M2NiYTBmMjRhNWQifSwic2lnbmF0dXJlcyI6W3sic2lnbmF0dXJlIjoiTUVZQ0lRREhSNk1hY3hKY3JXL1NaQ0JqaXY0T1hsSEJDQWNyRG9SNWlqdXVDOXlVMFFJaEFNMFJwTXNDN29rbnd2UDU2MlYrTmtRVEJxQ0hVUjlGc3kwT0FPNSs5WlVpIiwidmVyaWZpZXIiOiJMUzB0TFMxQ1JVZEpUaUJEUlZKVVNVWkpRMEZVUlMwdExTMHRDazFKU1VjdmFrTkRRbTlYWjBGM1NVSkJaMGxWWVdSbGQxZHZkMUVyZFhwb2QyRjBlazU1VG5kMU5uTm1aMkZGZDBObldVbExiMXBKZW1vd1JVRjNUWGNLVG5wRlZrMUNUVWRCTVZWRlEyaE5UV015Ykc1ak0xSjJZMjFWZFZwSFZqSk5ValIzU0VGWlJGWlJVVVJGZUZaNllWZGtlbVJIT1hsYVV6RndZbTVTYkFwamJURnNXa2RzYUdSSFZYZElhR05PVFdwUmVFMXFRVEJOYWsxNFRYcFJNbGRvWTA1TmFsRjRUV3BCTUUxcVRYbE5lbEV5VjJwQlFVMUdhM2RGZDFsSUNrdHZXa2w2YWpCRFFWRlpTVXR2V2tsNmFqQkVRVkZqUkZGblFVVkNWRGQ2UjFSaVRXcHVNa1p2VlZCMGNVMXdUMVJVZDFNeVptTTFkSGczU21oNFZsTUtTVzFSV2k4elZqaERaM2hIV0VzM1ZXRlZXblJIT1c4d1dVRkRlbmQ0VEV0amRXVkZNSGRuY3poV1drZDRNbTAxYTJGUFEwSmhVWGRuWjFkblRVRTBSd3BCTVZWa1JIZEZRaTkzVVVWQmQwbElaMFJCVkVKblRsWklVMVZGUkVSQlMwSm5aM0pDWjBWR1FsRmpSRUY2UVdSQ1owNVdTRkUwUlVablVWVXhOWFZxQ2tzNWNIbHVLM1pZVjI1M1JESmpOa3RsYW1STk5HdzRkMGgzV1VSV1VqQnFRa0puZDBadlFWVXpPVkJ3ZWpGWmEwVmFZalZ4VG1wd1MwWlhhWGhwTkZrS1drUTRkMkpuV1VSV1VqQlNRVkZJTDBKSFVYZFpiMXBuWVVoU01HTklUVFpNZVRsdVlWaFNiMlJYU1hWWk1qbDBURE5TZVZsWGJITmlNbHBwWVZoU2VncE1NMEkxWTBkcmRGbFlVakJhV0U0d1dWaFNjR0l5TlhwTWVUVnVZVmhTYjJSWFNYWmtNamw1WVRKYWMySXpaSHBNTTBwc1lrZFdhR015VlhWbFZ6RnpDbEZJU214YWJrMTJaRWRHYm1ONU9USk5RelIzVEdwRk5VMUVhMGREYVhOSFFWRlJRbWMzT0hkQlVVVkZTekpvTUdSSVFucFBhVGgyWkVjNWNscFhOSFVLV1ZkT01HRlhPWFZqZVRWdVlWaFNiMlJYU2pGak1sWjVXVEk1ZFdSSFZuVmtRelZxWWpJd2QwWlJXVXRMZDFsQ1FrRkhSSFo2UVVKQloxRklZMjFXY3dwYVYwWjZXbFJCTWtKbmIzSkNaMFZGUVZsUEwwMUJSVVJDUTJkM1QwUm5kMDF0Vm0xYVZFWnRUMGRWTVZwdFZtcE9SMFpyVDBSUmVWcEVXbWxQUjA1c0NrOVVZekpPVkZsM1QxUktiRnBVWTNsTlFsVkhRMmx6UjBGUlVVSm5OemgzUVZGUlJVSXpTbXhpUjFab1l6SlZkMHQzV1V0TGQxbENRa0ZIUkhaNlFVSUtRbEZSWkdSSVNtaGhWM2gyV20xS2NHUklUWFpqU0d4M1lWTXhhR1JJVW14ak0xSm9aRWRzZG1KdVRYZElkMWxMUzNkWlFrSkJSMFIyZWtGQ1FtZFJVZ3BqYlZadFkzazVNRmxYWkhwTU0xbDNUR3BCZFUxVWEzZFBkMWxMUzNkWlFrSkJSMFIyZWtGQ1EwRlJkRVJEZEc5a1NGSjNZM3B2ZGt3elVuWmhNbFoxQ2t4dFJtcGtSMngyWW01TmRWb3liREJoU0ZacFpGaE9iR050VG5aaWJsSnNZbTVSZFZreU9YUk5TRUZIUTJselIwRlJVVUpuTnpoM1FWRnJSVmxuZUdjS1lVaFNNR05JVFRaTWVUbHVZVmhTYjJSWFNYVlpNamwwVEROU2VWbFhiSE5pTWxwcFlWaFNla3d6UWpWalIydDBXVmhTTUZwWVRqQlpXRkp3WWpJMWVncE1lVFZ1WVZoU2IyUlhTWFprTWpsNVlUSmFjMkl6WkhwTU0wcHNZa2RXYUdNeVZYVmxWekZ6VVVoS2JGcHVUWFprUjBadVkzazVNazFETkhkTWFrVTFDazFFWjBkRGFYTkhRVkZSUW1jM09IZEJVVzlGUzJkM2IwMUVaelJOUkVwc1dtMVZlRnBxYUd4T1YxcHNXWHBTYUZwRVp6Qk5iVkV5V1dwb2FscFVhek1LVG1wVk1rMUVhM2xhVjFVelRXcEJaRUpuYjNKQ1owVkZRVmxQTDAxQlJVeENRVGhOUkZka2NHUkhhREZaYVRGdllqTk9NRnBYVVhkUlFWbExTM2RaUWdwQ1FVZEVkbnBCUWtSQlVYbEVSRUp2WkVoU2QyTjZiM1pNTW1Sd1pFZG9NVmxwTldwaU1qQjJaRWhLYUdGWGVIWmFiVXB3WkVoTmRtTkliSGRoVXpGb0NtUklVbXhqTTFKb1pFZHNkbUp1VFhkUFFWbExTM2RaUWtKQlIwUjJla0ZDUkZGUmNVUkRaM2RQUkdkM1RXMVdiVnBVUm0xUFIxVXhXbTFXYWs1SFJtc0tUMFJSZVZwRVdtbFBSMDVzVDFSak1rNVVXWGRQVkVwc1dsUmplVTFEUlVkRGFYTkhRVkZSUW1jM09IZEJVVFJGUlhkM1VtTnRWbTFqZVRrd1dWZGtlZ3BNTTFsM1RHcEJkVTFVYTNkSFVWbExTM2RaUWtKQlIwUjJla0ZDUkhkUlRFUkJhek5PZWtsNVRrUmpNRTFxVFhkTVoxbExTM2RaUWtKQlIwUjJla0ZDQ2tWQlVXZEVRalZ2WkVoU2QyTjZiM1pNTW1Sd1pFZG9NVmxwTldwaU1qQjJaRWhLYUdGWGVIWmFiVXB3WkVoTmQwWjNXVXRMZDFsQ1FrRkhSSFo2UVVJS1JWRlJTa1JCWTNsTmVrVXdUa1JKZWsxSVFVZERhWE5IUVZGUlFtYzNPSGRCVWtsRldXZDRaMkZJVWpCalNFMDJUSGs1Ym1GWVVtOWtWMGwxV1RJNWRBcE1NMUo1V1Zkc2MySXlXbWxoV0ZKNlRETkNOV05IYTNSWldGSXdXbGhPTUZsWVVuQmlNalY2VEhrMWJtRllVbTlrVjBsMlpESTVlV0V5V25OaU0yUjZDa3d6U214aVIxWm9ZekpWZFdWWE1YTlJTRXBzV201TmRtUkhSbTVqZVRreVRVTTBkMHhxUlRWTlJHZEhRMmx6UjBGUlVVSm5OemgzUVZKTlJVdG5kMjhLVFVSbk5FMUVTbXhhYlZWNFdtcG9iRTVYV214WmVsSm9Xa1JuTUUxdFVUSlphbWhxV2xSck0wNXFWVEpOUkd0NVdsZFZNMDFxUVZoQ1oyOXlRbWRGUlFwQldVOHZUVUZGVlVKQmEwMUNNMHBzWWtkV2FHTXlWWGRhUVZsTFMzZFpRa0pCUjBSMmVrRkNSbEZTVjBSR1VtOWtTRkozWTNwdmRrd3laSEJrUjJneENsbHBOV3BpTWpCMlpFaEthR0ZYZUhaYWJVcHdaRWhOZG1OSWJIZGhVekZvWkVoU2JHTXpVbWhrUjJ4MlltNU5kbGxYVGpCaFZ6bDFZM2s1ZVdSWE5Yb0tUSHBGZVUxVVdUVlBWR2MxVG5wbk0wd3lSakJrUjFaMFkwaFNla3g2UlhkR1oxbExTM2RaUWtKQlIwUjJla0ZDUm1kUlNVUkJXbmRrVjBwellWZE5kd3BuV1hOSFEybHpSMEZSVVVJeGJtdERRa0ZKUldaUlVqZEJTR3RCWkhkRVpGQlVRbkY0YzJOU1RXMU5Xa2hvZVZwYWVtTkRiMnR3WlhWT05EaHlaaXRJQ21sdVMwRk1lVzUxYW1kQlFVRmFUMVE0TTFJclFVRkJSVUYzUWtsTlJWbERTVkZETUV0a01sUjRVWElyV0VGU1ZUbDRkVzE1V0V0WmFHRktTM0ZuUjI0S01sQndORWxtYVZkYVNrVTFla0ZKYUVGUU9WbEZUbGRUUlROSmIweEdiRzV3UTFsa1JYUnpPR0pTU0ZGNVprUmlTVWs0THpWYVNXRm1XRWszVFVGdlJ3cERRM0ZIVTAwME9VSkJUVVJCTW1OQlRVZFJRMDFITW1SVWJGZGhUbWxFYjBWNWFGYzVRMmRDV0dzNVZIYzJWVzlOVlV4cGJHd3liMGN3ZWpjclJ6Wk9DbGt3VGxaWlZEaHpSMEo0WTJwME1GZE9NRFJ3U2xGSmQxUm1USFlyVVRCMVJtVTFWbmhIYjAxdGVXRkpkWFpEWTFSck1FeGFSVzVQZURoeVltMDVkVmNLZURGdFFVOURjRzlITTBsVmJ6VnpieXR5T0VOcFFuWjNDaTB0TFMwdFJVNUVJRU5GVWxSSlJrbERRVlJGTFMwdExTMEsifV19fQ=="}]},"envelope":{"statement":"eyJfdHlwZSI6Imh0dHBzOi8vaW4tdG90by5pby9TdGF0ZW1lbnQvdjEiLCJzdWJqZWN0IjpbeyJuYW1lIjoicHlwaV9hdHRlc3RhdGlvbnMtMC4wLjE5LnRhci5neiIsImRpZ2VzdCI6eyJzaGEyNTYiOiI5YmIxYWRkMDRiMWI0ZTE4MmJlNmIwYjgwOTMxNTkzZjdhMjkxZWI0OWQ2OWI0ZmQ3MjhhNWQ0Y2JjZGM0YmQzIn19XSwicHJlZGljYXRlVHlwZSI6Imh0dHBzOi8vc2xzYS5kZXYvcHJvdmVuYW5jZS92MSIsInByZWRpY2F0ZSI6eyJidWlsZERlZmluaXRpb24iOnsiYnVpbGRUeXBlIjoiaHR0cHM6Ly9hY3Rpb25zLmdpdGh1Yi5pby9idWlsZHR5cGVzL3dvcmtmbG93L3YxIiwiZXh0ZXJuYWxQYXJhbWV0ZXJzIjp7IndvcmtmbG93Ijp7InJlZiI6InJlZnMvdGFncy92MC4wLjE5IiwicmVwb3NpdG9yeSI6Imh0dHBzOi8vZ2l0aHViLmNvbS90cmFpbG9mYml0cy9weXBpLWF0dGVzdGF0aW9ucyIsInBhdGgiOiIuZ2l0aHViL3dvcmtmbG93cy9yZWxlYXNlLnltbCJ9fSwiaW50ZXJuYWxQYXJhbWV0ZXJzIjp7ImdpdGh1YiI6eyJldmVudF9uYW1lIjoicmVsZWFzZSIsInJlcG9zaXRvcnlfaWQiOiI3NzIyNDc0MjMiLCJyZXBvc2l0b3J5X293bmVyX2lkIjoiMjMxNDQyMyIsInJ1bm5lcl9lbnZpcm9ubWVudCI6ImdpdGh1Yi1ob3N0ZWQifX0sInJlc29sdmVkRGVwZW5kZW5jaWVzIjpbeyJ1cmkiOiJnaXQraHR0cHM6Ly9naXRodWIuY29tL3RyYWlsb2ZiaXRzL3B5cGktYXR0ZXN0YXRpb25zQHJlZnMvdGFncy92MC4wLjE5IiwiZGlnZXN0Ijp7ImdpdENvbW1pdCI6IjA4ODAyZWZlMWY4ZTVmZWM0YWQ4NDJkNmI4Y2U5NzY1NjA5MmVlNzIifX1dfSwicnVuRGV0YWlscyI6eyJidWlsZGVyIjp7ImlkIjoiaHR0cHM6Ly9naXRodWIuY29tL3RyYWlsb2ZiaXRzL3B5cGktYXR0ZXN0YXRpb25zLy5naXRodWIvd29ya2Zsb3dzL3JlbGVhc2UueW1sQHJlZnMvdGFncy92MC4wLjE5In0sIm1ldGFkYXRhIjp7Imludm9jYXRpb25JZCI6Imh0dHBzOi8vZ2l0aHViLmNvbS90cmFpbG9mYml0cy9weXBpLWF0dGVzdGF0aW9ucy9hY3Rpb25zL3J1bnMvMTIxNjk5ODk3ODcvYXR0ZW1wdHMvMSJ9fX19","signature":"MEYCIQDHR6MacxJcrW/SZCBjiv4OXlHBCAcrDoR5ijuuC9yU0QIhAM0RpMsC7oknwvP562V+NkQTBqCHUR9Fsy0OAO5+9ZUi"}}
diff --git a/test/test_cli.py b/test/test_cli.py
index a224fbe..1d361ad 100644
--- a/test/test_cli.py
+++ b/test/test_cli.py
@@ -33,6 +33,7 @@
 artifact_path = _ASSETS / "pypi_attestations-0.0.19.tar.gz"
 publish_attestation_identity = "https://github.com/trailofbits/pypi-attestations/.github/workflows/release.yml@refs/tags/v0.0.19"
 publish_attestation_path = _ASSETS / "pypi_attestations-0.0.19.tar.gz.publish.attestation"
+slsa_attestation_path = _ASSETS / "pypi_attestations-0.0.19.tar.gz.slsa.attestation"
 
 pypi_wheel_url = "https://files.pythonhosted.org/packages/70/f5/324edb6a802438e97e289992a41f81bb7a58a1cda2e49439e7e48896649e/sigstore-3.6.1-py3-none-any.whl"
 pypi_sdist_url = "https://files.pythonhosted.org/packages/db/89/b982115aabe1068fd581d83d2a0b26b78e1e7ce6184e75003d173e15c0b3/sigstore-3.6.1.tar.gz"
@@ -224,6 +225,7 @@ def test_verify_attestation_command(caplog: pytest.LogCaptureFixture) -> None:
         ]
     )
     assert f"OK: {publish_attestation_path.as_posix()}" in caplog.text
+    assert f"OK: {slsa_attestation_path.as_posix()}" in caplog.text
 
     caplog.clear()
 
@@ -295,7 +297,7 @@ def test_verify_attestation_missing_attestation(caplog: pytest.LogCaptureFixture
                 ]
             )
 
-    assert "is not a file." in caplog.text
+    assert f"Couldn't find attestations for file {f.name}" in caplog.text
 
 
 def test_verify_attestation_invalid_artifact(