Have you tried looking at the USOBT and USOBX tables?
The USOBT table lists the auth objects which are associated with the Tcode (name field) while the USOBX lists the object which are maintained and have auth checks happen. The ones marked Y in OKFLAG column are those for which by default auth check happens and with X are those object which are maintained through su24 for authority check
Hope this helps you get your report going,
Geoffery