Well, I think I got it: the way of restriction was wrong.
When you turn editing on and get to the roles assigning page in your block, you should look at your administration block. Your see a category with 3 lines: "assign roles", "permissions", "check permissions". You are now in "assign roles" (it is bold). You need to go to "permissions". You will see the list of permissions for this block. Near each permission there are roles, which are allowed to have it in this block. You find the permission "view block" and click X near Guest (and other roles your need) - it (they) will disappear. To return them you click ➕ near the permission and choose the role you want to allow to have this permission in this block.
Now I remember, this is the way I did it some time ago, it MUST work. Sorry, I didn't understand that we should go this way from the beginning - we got some waste of time, so expensive in the beginning of the academic year.
And if it works - you can forget about those "prevent" and "prohibit" and reset them to default. And delete those local role assignments in the block that you made - normally you won't need them, normally you won't even remember about them - only managing the list of roles for each permission (function) in the block/activity/resource, which I described now.