According to 9to5Mac, the violation relates to section 4.2.1:
Apps should use APIs and frameworks for their intended purposes and indicate that integration in their app description. For example, the HomeKit framework should provide home automation services; and HealthKit should be used for health and fitness purposes and integrate with the Health app.
In other words, using VPN or root certificates to remove ads being displayed in apps is not using the "APIs and frameworks for their intended purposes" and are, as such, a no-no.
Apple has been quick to point out though that contrary to earlier reports, is not a change in policy, but instead just a case of Apple enforcing existing policies.
"This is not a new guideline," Apple said in a statement. "We have never allowed apps on the App Store that are designed to interfere with the performance or capabilities of other apps. We have always supported advertising as one of the many ways that developers can make money with apps."
That last part makes a lot of sense for Apple, since many of its developers rely on advertising to monetize apps, and app wants to maintain good relationships with developers (even if that means upsetting those in the adblocker business).
It has also been suggested that part of the reason for Apple suddenly removing these VPN-based adblockers is that they interfere with the ads that Apple itself is displaying in iOS 11's Apple News app.
Apple went on to say that it would be removing any similar apps it comes across that "may have snuck on to the App Store."
This means that the only adblocking feature available to developers is the Safari Content Blocker, which can only block web ads being displayed in the Safari browser.
It's unclear where this leaves apps such as Adblock and Weblock.