Cisco’s best practice is to only configure PERMIT ACE’s.
The same configuration is used for hosts to originate a connection to the mapped address. If a host on the 126.96.36.199/28 network initiates the connection to 192.168.1.22, that that host becomes the source.
One last thing. If you want to translate /24 networks, the ASA will translate the .0 and .255 addresses. To prevent this, make sure you configure an ACL to deny access.
For example, the following policy static NAT example shows a single REAL address that is translated to two MAPPED addresses depending on the destination address:
The following translates the REAL address 10.1.1.22 to the MAPPED address 188.8.131.52 when 10.1.1.22 sends traffic to the 184.108.40.206/28 network.
The following also translates the REAL address 10.1.1.22 to the MAPPED address 220.127.116.11 when 10.1.1.22 sends traffic to the 18.104.22.168/28 network: