diff --git a/ROADMAP.md b/ROADMAP.md index ed3d4b5da..e10bf28b0 100644 --- a/ROADMAP.md +++ b/ROADMAP.md 
@@ -1,49 +1,57 @@ Roadmap ======= -These are the themes that we plan to work on for cert-manager. If you wish -to discuss these topics you can find us in #cert-manager on Kubernetes Slack, or -at our [community meetings](https://cert-manager.io/docs/contributing/#meetings). +The roadmap items are categorised into themes based on the larger goals we want to achieve with cert-manager. -The roadmap items are categorized in to themes based on the larger goals we -want to achieve with cert-manager. -While this is a summary of the direction we want to go, we welcome all PRs, -even if they don't fall under any of the roadmap items. +While this is a summary of the direction we want to go, we welcome all PRs, even if they don't fall under any of the roadmap items. -* Beyond Ingress: improve experience of cert-manager for applications beyond just - ingress certificates - * Service Mesh Integration: Enable service meshes to issue mTLS certificates - with cert-manager, getting the integration with external issuers and the - audit capabilities of cert-manager in their mesh - * Istio agent certificates issued via cert-manager - * CSI driver: seamlessly deliver unique certs + keys to workloads. Review the - prototype that we have for this and do a proper release. 
-* Adoption of upstream APIs: continue to support latest APIs for k8s upstream - * k8s APIs: keep up to date with Kubernetes API changes and releases - * CSR API: support CSR API as a standard for certificate requests in kubernetes -* Policy: allowing granular control over certificate issuance - * Extensible primitives within cert-manager for defining policy for - acceptable CertificateRequests -* Extensibility: widen the scope of integrations with cert-manager - * [EST support](https://tools.ietf.org/html/rfc7030): support a standard for - ACME-like issuance within an enterprise - * External DNS plugin: enable ACME DNS01 requests to be completed using external-dns - * OpenShift Routes support: provide similar capabilities to Ingress for - issuing certs - * Improve external issuer development experience: documentation and examples - for people developing external issuers -* PKI lifecycle: enable best-practice PKI management with cert-manager - * Handle CA cert being renewed: deal with the cases where the CA cert is - renewed and allow for all signed certs to be renewed - * Trust root distribution: handle distributing all trust roots within a - cluster, allowing for certs to be verified within a cluster -* Improve developer and operator experience: better user experience - for installation, operation and use with applications - * Easier installation of cert-manager: improve the installation experience - through docs and in other ways - * Tooling to install and upgrade cert-manager (improved operators? CLI tool?) - * Tooling to verify an installation is correct/secure - * Easier diagnosis of problems: improve the cert-manager output to make the - status clearer, and provide tools to aid debugging - * Improve the new contributor experience + +### Integration with other projects in the cloud-native landscape + +cert-manager should be able to deliver and manage X.509 certificates to popular +projects in the cloud-native ecosystem. 
+ +- Service Mesh Integration: While we have +good Istio and Open Service Mesh integration, expand to other projects such as +Linkerd, cilium + +### Adoption of upstream APIs + +Continue to support latest APIs for upstream K8s and related SIGs. + +- Kubernetes APIs: keep up to date with Kubernetes API changes and release cadence +- CSR API: support the sig-auth CSR API for certificate requests in kubernetes +- Trust Anchor Sets +- Gateway API + +### Extensibility + +Widen the scope of integrations with cert-manager. + +- EST support: support a standard for ACME-like issuance within an enterprise +- External DNS plugin: enable ACME DNS01 requests to be completed using external-dns +- Improve external issuer development experience: documentation and examples for people developing external issuers + +### PKI lifecycle + +Enable best-practice PKI management with cert-manager. + +- Handle CA cert being renewed: deal with the cases where the CA cert is renewed and allow for all signed certs to be renewed +- Make cert-manager a viable way to create and manage private PKI deployments at scale +- Trust root distribution:handle distributing all trust roots within a cluster, allowing for certs to be verified within a cluster +(See [cert-manager/trust](https://cert-manager.io/docs/projects/trust/)) + +### End-user experience + +- Graduate alpha / beta features in good time: + - SIG-Auth CSR API support + - SIG-Network Gateway API support +- Easier diagnosis of problems: improve the cert-manager output to make the status clearer, and provide tools to aid debugging +- Improve the new contributor experience + +### Developer experience + +- Better user experience for installation, operation and use with applications +- Zero test flakiness and increased testing confidence +- Improve release process by adding more automation
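Review bot: The rewritten theme list drops the "Policy: allowing granular control over certificate issuance" theme and the "Tooling to verify an installation is correct/secure" item, and none of the new sections replaces them or says whether the work shipped or was abandoned. The CSI driver and OpenShift Routes items disappear the same way. Please either keep a short entry for each or state in the commit message where that work now lives, so readers do not assume issuance policy and install verification are no longer goals. The removed intro paragraph was also the only pointer to #cert-manager on Kubernetes Slack and the community meetings; consider keeping one line on where to discuss roadmap items. Smaller points in the added lines: "Trust root distribution:handle" is missing a space after the colon; the "(See [cert-manager/trust](...))" line and the wrapped "good Istio and Open Service Mesh integration ..." lines start at column 0, so indent them under their bullets; the EST bullet lost its RFC 7030 link; "Trust Anchor Sets" and "Gateway API" have no description, unlike their sibling bullets; "cilium" and "kubernetes" should be capitalised; and "Better user experience for installation, operation and use with applications" reads as an end-user item but sits under "Developer experience".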