In general, install a proxy which has its own certificate, resign every tls session with those keys, add the certificate of the proxy as a trusted certificate on your device.

I’m not familiar with off the shelf solutions for this that have ad blocking built in. Also ads are injected by JS so you need a mechanism to detect that.

More and more ads are now served from the same domain as the site making it harder to distinguish them from real content.