Hi Deepthi,
1. Go to Transaction SU21 and find the authorization object.In your case it is AUTH_OBJ.
2. When you display authorization object you can see the all the Authorization fields under that Authorization object.
: 
3. Go to the SU20 transaction for displaying authorizaiton fields, we can maintain possible values at the Domain level value Range Tab . You can maintain fixed values or at the value table level.
.
4. For the Active_auth field in my example values are taken from the Value table.
At the domain level Activ_auth has value table see the screen shot
SImilarly for the other Authorization field it is also maintained at the Domain level, see the screen shot below,
so when you call Authorization check code, if in turn checks the authorization fields and if the value passed is in the range, it reutrns the sy-subrc value as 0 , which means authroization is accepted if sy-subrc is not equal to 0 means authroization failed.
so, in your code
authority-check object auth_obj
id lc_auth_cat field 'H' "Create
id FM_FIKRS field lv_fikrs
id FM_FICTR field lv_fistl.
chec the authorization fields lc_auth_cat domain level and find out the possible values , similarly for FM_FIKRS and FM_FICTR.
check sy-surc after the above code and implement your logic there.
Hope this helps for you.
Regards,
Ravikiran.K