If both services are HTTP based, the typical way to do what you want is to simply have a front proxy (like Nginx) that based on “server_name” will proxy_pass to either backends.
However, if you don’t have to have the second port specifically 8090, the Cloudflare forwards other ports besides 8080 and 80: you also have 8880, 2052, 2082, 2086, 2095.
If it’s not HTTP based, Cloudflare cannot proxy it anyway, so you can just have the “orange cloud” turned off, and your real IP will be published and nothing is special, and it will work. No SRV required…
If however what you really want (which was not explicitly said in your opening message) is that port 80 (or https/443) to be accessed by your users and Cloudflare going to another port on the backend, I think that the only solution Cloudflare has to offer is this: Tunnel | Zero Trust App Connector. That one costs money though.
It’s probably cheaper to just switch to an ISP which provides “the whole Internet service”, and not a sub-set thereof (which in some countries may even be illegal due to net neutrality laws). Also, maybe they block 80 but not 443? If they allow 443, it’s also good for you (it’s actually better, because you’ll be able to make your connections secure)